fc-lc.com Open in urlscan Pro
2606:4700:3032::ac43:aaf0 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://fc-lc.com/SKETCHUP2022
Submission: On June 22 via manual (June 22nd 2023, 10:46:11 pm UTC) from PE — Scanned from DE

Summary HTTP 54 Redirects Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 19 domains to perform 54 HTTP transactions. The main IP is 2606:4700:3032::ac43:aaf0, located in United States and belongs to CLOUDFLARENET, US. The main domain is fc-lc.com. The Cisco Umbrella rank of the primary domain is 427977.
TLS certificate: Issued by GTS CA 1P5 on June 11th 2023. Valid for: 3 months.

This is the only time fc-lc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3032::ac43:aaf0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
4	2606:4700:303... 2606:4700:3037::6815:5822	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	23.109.87.190 23.109.87.190	7979 (SERVERS-COM) (SERVERS-COM)
6	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	139.45.197.239 139.45.197.239	9002 (RETN-AS) (RETN-AS)
1	2606:4700:20:... 2606:4700:20::681a:d76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:8b2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	139.45.197.234 139.45.197.234	9002 (RETN-AS) (RETN-AS)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:e6:... 2606:4700:e6::ac40:cc11	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	139.45.195.254 139.45.195.254	9002 (RETN-AS) (RETN-AS)
1	139.45.197.237 139.45.197.237	9002 (RETN-AS) (RETN-AS)
2	45.133.44.37 45.133.44.37	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
54	21

1 2606:4700:3032::ac43:aaf0 (United States)

ASN13335 (CLOUDFLARENET, US)

fc-lc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3037::6815:5822 (United States)

ASN13335 (CLOUDFLARENET, US)

fc.lc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.109.87.190 (Netherlands)

ASN7979 (SERVERS-COM, US)

cheeroredraw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 139.45.197.239 (United Kingdom)

ASN9002 (RETN-AS, GB)

forfrogadiertor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
oaphoace.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:d76 (United States)

ASN13335 (CLOUDFLARENET, US)

iclickcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:8b2 (United States)

ASN13335 (CLOUDFLARENET, US)

i.gyazo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.234 (United Kingdom)

ASN9002 (RETN-AS, GB)

bedrapiona.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e6::ac40:cc11 (United States)

ASN13335 (CLOUDFLARENET, US)

tzegilo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.254 (United Kingdom)

ASN9002 (RETN-AS, GB)

fleraprt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.237 (United Kingdom)

ASN9002 (RETN-AS, GB)

dudialgator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.133.44.37 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

i.cdnkimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	gstatic.com fonts.gstatic.com www.gstatic.com	694 KB
6	google.com www.google.com — Cisco Umbrella Rank: 3	104 KB
5	forfrogadiertor.com forfrogadiertor.com — Cisco Umbrella Rank: 646838	34 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60 region1.google-analytics.com — Cisco Umbrella Rank: 1832	21 KB
4	fc.lc fc.lc — Cisco Umbrella Rank: 433771	44 KB
3	oaphoace.net oaphoace.net — Cisco Umbrella Rank: 93036	34 KB
2	cdnkimg.com i.cdnkimg.com — Cisco Umbrella Rank: 13815	27 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 82	151 KB
1	dudialgator.com dudialgator.com — Cisco Umbrella Rank: 61648	2 KB
1	fleraprt.com fleraprt.com — Cisco Umbrella Rank: 15731	479 B
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 9487	540 B
1	tzegilo.com tzegilo.com — Cisco Umbrella Rank: 17017	7 KB
1	bedrapiona.com bedrapiona.com — Cisco Umbrella Rank: 46337	2 KB
1	gyazo.com i.gyazo.com — Cisco Umbrella Rank: 119220	7 KB
1	iclickcdn.com iclickcdn.com — Cisco Umbrella Rank: 269897	26 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 263	28 KB
1	cheeroredraw.com cheeroredraw.com	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 80	1 KB
1	fc-lc.com fc-lc.com — Cisco Umbrella Rank: 427977	4 KB
54	19

	Domain	Requested by
9	www.gstatic.com	www.google.com www.gstatic.com
6	fonts.gstatic.com	fonts.googleapis.com www.google.com
6	www.google.com	fc-lc.com www.gstatic.com www.google.com
5	forfrogadiertor.com	fc-lc.com forfrogadiertor.com
4	fc.lc	fc-lc.com
3	oaphoace.net	fc-lc.com oaphoace.net
2	i.cdnkimg.com	fc-lc.com forfrogadiertor.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	fc-lc.com www.googletagmanager.com
1	dudialgator.com	iclickcdn.com
1	fleraprt.com	tzegilo.com
1	my.rtmark.net	iclickcdn.com
1	tzegilo.com	oaphoace.net
1	bedrapiona.com	iclickcdn.com
1	i.gyazo.com	fc-lc.com
1	iclickcdn.com	fc-lc.com
1	cdnjs.cloudflare.com	fc-lc.com
1	cheeroredraw.com	fc-lc.com
1	fonts.googleapis.com	fc-lc.com
1	fc-lc.com
54	21

This site contains no links.

Subject Issuer	Validity	Valid
fc-lc.com GTS CA 1P5	`2023-06-11` - `2023-09-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
fc.lc Cloudflare Inc ECC CA-3	`2023-04-08` - `2024-04-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
cheeroredraw.com R3	`2023-04-19` - `2023-07-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
forfrogadiertor.com R3	`2023-04-05` - `2023-07-04`	3 months	crt.sh
oaphoace.net R3	`2023-06-18` - `2023-09-16`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
bedrapiona.com R3	`2023-05-22` - `2023-08-20`	3 months	crt.sh
tzegilo.com GTS CA 1P5	`2023-06-09` - `2023-09-07`	3 months	crt.sh
rtmark.net R3	`2023-05-06` - `2023-08-04`	3 months	crt.sh
fleraprt.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-09` - `2024-01-14`	a year	crt.sh
dudialgator.com R3	`2023-06-10` - `2023-09-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
i.cdnkimg.com R3	`2023-05-29` - `2023-08-27`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://fc-lc.com/SKETCHUP2022
Frame ID: 2E122E8F544F87E3E0743C4DA882336D
Requests: 31 HTTP requests in this frame

Frame: https://i.gyazo.com/7054573b8e1afc3fb4c35c3b55df037c.png
Frame ID: 2F1CF0C87636625BBCDFAD2389A02B90
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjWrIaAAAAAArGwFNJzZI_FJmUxq4u4jmb-_id&co=aHR0cHM6Ly9mYy1sYy5jb206NDQz&hl=de&v=IqA9DpBOUJevxkykws9RiIBs&size=invisible&cb=msrgi65trgxu
Frame ID: D735A0D8831BB2D83871E1E59E067D3E
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=IqA9DpBOUJevxkykws9RiIBs&k=6LdjWrIaAAAAAArGwFNJzZI_FJmUxq4u4jmb-_id
Frame ID: 23CCCB4145CC76F0BB90E1DCDCF42965
Requests: 11 HTTP requests in this frame

Frame: https://i.cdnkimg.com/auto/192/q85/image/vk/7738/738/64751b2ff003at1685396271r6995.jpg.webp
Frame ID: 6E6B4FC94587EDDDBE2E1407E34CAD14
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

54
Requests

96 %
HTTPS

65 %
IPv6

19
Domains

21
Subdomains

21
IPs

4
Countries

1190 kB
Transfer

2746 kB
Size

19
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

54 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request SKETCHUP2022 Show response
fc-lc.com/ 8 KB
4 KB 257ms
151ms Document
text/html 2606:4700:3032::ac43:aaf0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fc-lc.com/SKETCHUP2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:aaf0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e89cfc847b788147312e8fd04c1a03705f6522d206f6ad9fc8c51d23c3c31c0d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7db8067a7ad11da6-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 22 Jun 2023 22:46:05 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o06ExULDlyC6DidBI6TIas0mjegnDMWij77ryI2hv%2FFM0KjiCUBIQ0dfAx5N4EHQ6lv65%2BDhCL200cjb5TIliZ%2FOYGrPMqOOBDlexfredmcj8jz8L5jJJK8QbsLTcOr38nladkB62no%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 138ms
48ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700

Requested by

Host: fc-lc.com
URL: https://fc-lc.com/SKETCHUP2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32bdbc7aa942ed3cc380c72be1c45147f4d7ec5e6b5b084f6527a46022314958

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fc-lc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 22 Jun 2023 22:46:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 22 Jun 2023 21:08:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Jun 2023 22:46:05 GMT

GET
H2 200 bootstrap.min.css
fc.lc/CustomTheme/css/ 108 KB
18 KB 287ms
58ms Stylesheet
text/css 2606:4700:3037::6815:5822
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fc.lc/CustomTheme/css/bootstrap.min.css

Requested by

Host: fc-lc.com
URL: https://fc-lc.com/SKETCHUP2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:5822 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83521aad7c96625246ef4168f1d84d12b0652e8eb61ad0875066fee1fa797daf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fc-lc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:46:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Jan 2019 19:43:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5146
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VqvkH%2BL2ULfPysr6KZIaxr1G7TCoCOFWc0z9%2Fvsy1sOU9GcYHiiIFLko5aqwGbetJRqeEFukTIBZ%2FMq2EmnfTt2gLrsSHKE6C1kcJpjvAD1H%2BoZfo4KrnbqH%2FVZ6b8%2FVpdRl6A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
cf-ray: 7db8067ced423a90-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 22 Jun 2023 21:11:17 GMT

GET
H2 200 main.css
fc.lc/CustomTheme/css/ 24 KB
5 KB 285ms
57ms Stylesheet
text/css 2606:4700:3037::6815:5822
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fc.lc/CustomTheme/css/main.css

Requested by

Host: fc-lc.com
URL: https://fc-lc.com/SKETCHUP2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:5822 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89e38ae45e4ab6870530ad77bc793c32dcb03a600156b9930ffe3104f6702b25

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fc-lc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:46:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 84106
cf-polished: origSize=32501
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 7 Feb 2019 2:14:53 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FduxATosdc1Y6JefYxZuV3QpW5aaZwKlwGAWMCA2gr94M6cYzzJJMqOgPGSVgnIRWWg%2Foaj5vF00Qst9%2FS2AJeYdTPbuziiBAPppEMRBAA554Jy%2BDAaKGr7yWg0CH1Dot5Rmjw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
cf-ray: 7db8067ced443a90-FRA
expires: Thu, 22 Jun 2023 23:24:19 GMT

GET
H2 200 custom.css
fc.lc/CustomTheme/css/ 47 KB
19 KB 279ms
50ms Stylesheet
text/css 2606:4700:3037::6815:5822
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fc.lc/CustomTheme/css/custom.css

Requested by

Host: fc-lc.com
URL: https://fc-lc.com/SKETCHUP2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:5822 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b62d3ff7ec9f5543b6d6a2429170ed375b550d869b90d9886464143cd89b83ef

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fc-lc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:46:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 84106
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 25 Apr 2019 1:51:11 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BLFmMhEP2hLVcX0O6QtDTygQY2ZBlXAMQFtvj8yX1Bi5UwNQwu%2FcondoJkM3nDdu2f99tfsBRfNfWBGiKFPuV44XRM93SIJaUcbaIHDtr%2F3D97qUOuYZMEHt%2FSZR6EPCu3S8qg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
cf-ray: 7db8067ced453a90-FRA
expires: Thu, 22 Jun 2023 23:24:19 GMT

GET
H2 200 modernizr.min.js Show response
fc.lc/CustomTheme/js/vendor/ 1 KB
1 KB 319ms
90ms Script
application/javascript 2606:4700:3037::6815:5822
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fc.lc/CustomTheme/js/vendor/modernizr.min.js

Requested by

Host: fc-lc.com
URL: https://fc-lc.com/SKETCHUP2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:5822 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

147b08aa6afaa0b704ebedb56d0b146a7e33600a971e5d20773b3371db70be11

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fc-lc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:46:05 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 15 Jan 2019 20:08:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dZxyhiTf0jsOEeA4AEqT1gcnMGt06%2F3qpZDem3eKGFcjiswUreDeFuOWzeuUGxLrB4UQM%2BvpzeyeG4f1HnQrQ2gtoXT7ivJnOO8uA6aTfjMQXZa6zs06n6b3tdXhOwhe7xDeOg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
cf-ray: 7db8067ced463a90-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 22 Jun 2023 14:30:28 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 175 KB
64 KB 146ms
54ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-90563943-1

Requested by

Host: fc-lc.com
URL: https://fc-lc.com/SKETCHUP2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ffbeb2405f047f648199d3e9e6a24b5871fc7e294c4c8be4277c43218a6c67b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fc-lc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:46:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 65172
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 22 Jun 2023 22:46:05 GMT

GET
H/1.1 200
OK 57973 Show response
cheeroredraw.com/1clkn/ 6 B
1 KB 455ms
55ms Script
application/javascript 23.109.87.190
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://cheeroredraw.com/1clkn/57973

Requested by

Host: fc-lc.com
URL: https://fc-lc.com/SKETCHUP2022

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

23.109.87.190 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fc-lc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Thu, 22 Jun 2023 22:46:06 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=1
Server: nginx
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Keep-Alive: timeout=20

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
874 B 139ms
50ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: fc-lc.com
URL: https://fc-lc.com/SKETCHUP2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a678c4996f3af19954605ff0cbb95c2a1880c522da930831c8d20c08a101ac62

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fc-lc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:46:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 554
x-xss-protection: 1; mode=block
expires: Thu, 22 Jun 2023 22:46:05 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/ 86 KB
28 KB 129ms
45ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: fc-lc.com
URL: https://fc-lc.com/SKETCHUP2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fc-lc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:46:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6676834
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27748
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-15851"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hOon9pqS%2F%2FrswtiYiEUzfBoEaPH44OvmD2m8Qwa2haejqOeTRCr4PxdGOi5jToSFqjWi5UXFuiKxzQPvzLpMUWyiEeMBBWVYlrn3j4xmJS8PriSvUtvRM0p4BL2oqmBSTc9rM%2BJA3JTTzu3Joor%2FWkgq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7db8067bfb32382b-FRA
expires: Tue, 11 Jun 2024 22:46:05 GMT

GET
H2 200 4991594 Show response
forfrogadiertor.com/400/ 79 KB
30 KB 242ms
115ms Script
application/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://forfrogadiertor.com/400/4991594

Requested by

Host: fc-lc.com
URL: https://fc-lc.com/SKETCHUP2022

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

92bf8639f023fd0fae50386f1d3047defe734a55a427ff0d9a9ecee9c6429795

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fc-lc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-trace-id: 467f508bd46e69aea75dbb721965d03c
pragma: no-cache
date: Thu, 22 Jun 2023 22:46:05 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 tag.min.js Show response
iclickcdn.com/ 76 KB
26 KB 152ms
49ms Script
text/javascript 2606:4700:20::681a:d76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iclickcdn.com/tag.min.js
Requested by: Host: fc-lc.com
URL: https://fc-lc.com/SKETCHUP2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70767bdfc8bc63807c0e9b1e8780386fac1e53c8ab322b88a028fccbd00d782f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fc-lc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:46:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 63972
x-trace-id: 0550dd4c544c7db80db96699639a8784
pragma: no-cache
last-modified: Wed, 21 Jun 2023 13:58:52 GMT
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B6xm4U7vSmo%2FgCgtjCBcui7MaVdbAgUtF3hB%2FW5S4r1pyeHQIlumQ4xaqAfoSIMwPtLUc1ICkjzcRKQcHzvlDURiaGKtbXyo56iB%2F8wEY4W0jsZdkzXaDiPDklnKKNnGH0tZkqz7%2Fg3ayD0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
access-control-allow-credentials: true
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 7db8067e3c871c13-FRA
expires: Fri, 23 Jun 2023 04:59:53 GMT

GET
H2 200 4859954 Show response
oaphoace.net/401/ 86 KB
33 KB 206ms
96ms Script
application/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://oaphoace.net/401/4859954

Requested by

Host: fc-lc.com
URL: https://fc-lc.com/SKETCHUP2022

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

02135f8ec8ab2d9f43ec465bfc82260c3c65f00759b214db10ea989fe0584da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fc-lc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-trace-id: 630581b62cfa8b533c20ed47cd7fa6f2
pragma: no-cache
date: Thu, 22 Jun 2023 22:46:05 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
48 KB 129ms
41ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fc-lc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 00:21:44 GMT
x-content-type-options: nosniff
age: 512661
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Jun 2024 00:21:44 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ 430 KB
173 KB 137ms
40ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6641802b38de413be901d3ff3ae118ff845db8129b991ec526a269ec8cec38c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fc-lc.com/
Origin: https://fc-lc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 20:57:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6527
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 176663
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:10:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Jun 2024 20:57:18 GMT

GET
H2 200 7054573b8e1afc3fb4c35c3b55df037c.png
i.gyazo.com/ Frame 2F1C 7 KB
7 KB 158ms
60ms Image
image/png 2606:4700::6812:8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.gyazo.com/7054573b8e1afc3fb4c35c3b55df037c.png
Requested by: Host: fc-lc.com
URL: https://fc-lc.com/SKETCHUP2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 162c78a55a2a04111b48bc21c1eeae420fe49b0d275a1f02bc9059bf829cdaa1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:46:05 GMT
via: 1.1 google
cf-cache-status: HIT
age: 797157
content-length: 7148
server: cloudflare
etag: "7054"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://gyazo.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
content-dpr: 1.000000
x-cache-level: ZS
accept-ranges: bytes
cf-ray: 7db8067e7bbf1d88-FRA
expires: Fri, 21 Jun 2024 22:46:05 GMT

GET
H2 200 / Show response
bedrapiona.com/5/4910016/ 3 KB
2 KB 166ms
51ms XHR
application/json 139.45.197.234
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bedrapiona.com/5/4910016/?oo=1&js_build=iclick-v1.565.1
Requested by: Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.234 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 1e9ec37017f28b29fcc0de5ceabbb0a254c155c93cf62d2125a793c998a415a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fc-lc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-trace-id: be878b105af4091d4379a4f659968ee5
pragma: no-cache, no-cache
date: Thu, 22 Jun 2023 22:46:06 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://fc-lc.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://xobr219pa.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 255 KB
87 KB 71ms
70ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-69R08YB489&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-90563943-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

47d66fb4053c7e0f8f6ef0aabf27d7cd61624b48239ca369f2de0dfa139487e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fc-lc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:46:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89115
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 22 Jun 2023 22:46:05 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 133ms
40ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-90563943-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fc-lc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 22 Jun 2023 22:35:22 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 644
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 23 Jun 2023 00:35:22 GMT

GET
H2 200 stattag.js Show response
tzegilo.com/ 17 KB
7 KB 166ms
49ms Script
application/javascript 2606:4700:e6::ac40:cc11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tzegilo.com/stattag.js
Requested by: Host: oaphoace.net
URL: https://oaphoace.net/401/4859954
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cc11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63f957dde1ae04a83eaff7e442e693725562c4aa1062bc072b7509640ec4f663

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fc-lc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:46:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 19 May 2023 08:43:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1369
etag: W/"646736cf-4447"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2FxKJs8SzX6EBy2pVKd4agulwBq1x6EmuSn4POo1sFUEsLLdB80Wlpw3fEAbO7sDpKlGlHKdm%2F9ZyCgpXqAQa%2BuLYGG6tfR%2FIsdr%2FgMnx1h8zGngxPd%2BoOaxYnHeiQ17a6PcEcmzr9JldQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7db8067ffffe1e57-FRA
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
alt-svc: h3=":443"; ma=86400

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame D735 52 KB
29 KB 66ms
65ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjWrIaAAAAAArGwFNJzZI_FJmUxq4u4jmb-_id&co=aHR0cHM6Ly9mYy1sYy5jb206NDQz&hl=de&v=IqA9DpBOUJevxkykws9RiIBs&size=invisible&cb=msrgi65trgxu

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b5835dc266f17e75548250795788e45b2249b30fd3278433d390cd46ba662d86

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NYQXwqbgLuFzqKaYcvyo4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fc-lc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 28997
content-security-policy: script-src 'report-sample' 'nonce-NYQXwqbgLuFzqKaYcvyo4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 22 Jun 2023 22:46:06 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
540 B 160ms
46ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=1afc6f47aa8f4b828d7188cf5b98d770

Requested by

Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e6e6c486f75d3302aae5a1bfff94e732126ff4741d535aa6815f89f2da97199b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fc-lc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:46:06 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fc-lc.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

POST
H2 204 collect
region1.google-analytics.com/g/ 0
249 B 140ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-69R08YB489&gtm=45je36l0&_p=130533892&cid=1925287395.1687473966&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1687473966&sct=1&seg=0&dl=https%3A%2F%2Ffc-lc.com%2FSKETCHUP2022&dt=&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-69R08YB489&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fc-lc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jun 2023 22:46:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fc-lc.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
201 B 47ms
47ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=130533892&t=pageview&_s=1&dl=https%3A%2F%2Ffc-lc.com%2FSKETCHUP2022&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1148751707&gjid=536589163&cid=1925287395.1687473966&tid=UA-90563943-1&_gid=1691596207.1687473966&_r=1&gtm=457e36l0&jsscut=1&z=101375578

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fc-lc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 22 Jun 2023 22:46:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fc-lc.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ Frame D735 55 KB
24 KB 126ms
44ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjWrIaAAAAAArGwFNJzZI_FJmUxq4u4jmb-_id&co=aHR0cHM6Ly9mYy1sYy5jb206NDQz&hl=de&v=IqA9DpBOUJevxkykws9RiIBs&size=invisible&cb=msrgi65trgxu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:14:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181868
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:10:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Jun 2024 20:14:58 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ Frame D735 430 KB
173 KB 125ms
43ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6641802b38de413be901d3ff3ae118ff845db8129b991ec526a269ec8cec38c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 20:57:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6528
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 176663
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:10:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Jun 2024 20:57:18 GMT

POST
H/1.1 200
OK add Show response
fleraprt.com/log/ 12 B
479 B 160ms
49ms XHR
application/json 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
Requested by: Host: tzegilo.com
URL: https://tzegilo.com/stattag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Request headers

Referer: https://fc-lc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 22 Jun 2023 22:46:06 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://fc-lc.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 12

OPTIONS
H2 200 4859954
oaphoace.net/500/ Frame 0
0 143ms
48ms Preflight 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://oaphoace.net/500/4859954?excludes=&oaid=1afc6f47aa8f4b828d7188cf5b98d770&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&pl=https%3A%2F%2Ffc-lc.com%2FSKETCHUP2022&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://fc-lc.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://fc-lc.com
access-control-max-age: 600
allow: GET, OPTIONS
content-length: 0
date: Thu, 22 Jun 2023 22:46:06 GMT
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: *
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff

GET
H2 204 4859954 Show response
oaphoace.net/500/ 0
456 B 53ms
53ms XHR
text/plain 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: oaphoace.net
URL: https://oaphoace.net/401/4859954

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://fc-lc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 646c1370ea18225819d5526c08ebef5f
pragma: no-cache
date: Thu, 22 Jun 2023 22:46:06 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
vary: Origin
access-control-allow-origin: https://fc-lc.com
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 4991594 Show response
forfrogadiertor.com/500/ 4 KB
4 KB 175ms
175ms XHR
application/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://forfrogadiertor.com/500/4991594?excludes=&oaid=1afc6f47aa8f4b828d7188cf5b98d770&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&pl=https%3A%2F%2Ffc-lc.com%2FSKETCHUP2022&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: forfrogadiertor.com
URL: https://forfrogadiertor.com/400/4991594

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

c4f1d539388eb7159db00ea23fc4bc1bb06ecabc34585a287e90d77c0c9e4462

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://fc-lc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 88815f35fdd693bd094b28e0e03513a0
pragma: no-cache
date: Thu, 22 Jun 2023 22:46:06 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://fc-lc.com
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H2 200 4991594
forfrogadiertor.com/500/ Frame 0
0 143ms
47ms Preflight 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://fc-lc.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://fc-lc.com
access-control-max-age: 600
allow: GET, OPTIONS
content-length: 0
date: Thu, 22 Jun 2023 22:46:06 GMT
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: *
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff

GET
H2 200 / Show response
dudialgator.com/ 2 KB
2 KB 179ms
65ms Fetch
application/json 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dudialgator.com/?rb=3ZHuqSpw1NPvVUwXx7zJqXS_NE1vKY9vqoMuoyjQRYZcLzRg7O_oCKGXLkqo5sIJeX2Sdu69ddhZgsC9iCCrElsltxrzuo7mt3FzuXwZaka4eMqUP4qVE1jT8otdQLS1VByzZhBumIJZoJlnjlJmkOHpY7xv0TtSuwdWaCD6ey2g4PVCGB-O72HlnPEtAq2Bmvb8xa_AknbaI9XGayOelf-Zy1h4kjMvG4fsk5X01uMZNTcnLVc4yyLogQNJFeK4eLZOc7FUWuLcxQkcnzXGHw%3D%3D&request_ab2=0&zoneid=4910016&js_build=iclick-v1.565.1&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=2&pl=https%3A%2F%2Ffc-lc.com%2FSKETCHUP2022&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.565.1&bs=9816af10-6b80-4491-845f-d474393c889b&userId=1afc6f47aa8f4b828d7188cf5b98d770&m=link

Requested by

Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

bc7fec83e5c85b5d38d479c64fae62b965d865b3fec0839b7279d6ac7eb42353

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fc-lc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:46:06 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
x-trace-id: a5b11c6697247a5056a982c8d637de9b
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://fc-lc.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame D735 2 KB
2 KB 44ms
42ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 00:33:37 GMT
x-content-type-options: nosniff
age: 166349
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 28 Jun 2023 00:33:37 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D735 15 KB
15 KB 43ms
41ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 00:06:15 GMT
x-content-type-options: nosniff
age: 167991
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Jun 2024 00:06:15 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D735 15 KB
15 KB 58ms
56ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:47:45 GMT
x-content-type-options: nosniff
age: 449901
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Jun 2024 17:47:45 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame D735 102 B
133 B 55ms
52ms Other
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=IqA9DpBOUJevxkykws9RiIBs

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bad26f37947717a5b9564dd23d44644d869182f7f9830bf5fae2dd26c16fa021

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjWrIaAAAAAArGwFNJzZI_FJmUxq4u4jmb-_id&co=aHR0cHM6Ly9mYy1sYy5jb206NDQz&hl=de&v=IqA9DpBOUJevxkykws9RiIBs&size=invisible&cb=msrgi65trgxu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:46:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
x-xss-protection: 1; mode=block
expires: Thu, 22 Jun 2023 22:46:06 GMT

GET
H2 200 64751b2ff003at1685396271r6995.jpg.webp
i.cdnkimg.com/auto/192/q85/image/vk/7738/738/ 14 KB
14 KB 394ms
154ms Image
image/webp 45.133.44.37
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.cdnkimg.com/auto/192/q85/image/vk/7738/738/64751b2ff003at1685396271r6995.jpg.webp
Requested by: Host: fc-lc.com
URL: https://fc-lc.com/SKETCHUP2022
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.37 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: 764a135ba7cc9fe474a44f4fc868024b194d240d4d526be0278337cc3482941c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fc-lc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Thu, 06 Jul 2023 22:46:06 GMT
date: Thu, 22 Jun 2023 22:46:06 GMT
server: nginx/1.23.2
x-cache-status: MISS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1209600
content-length: 13868
x-proxy-cache: HIT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 23CC 7 KB
1 KB 55ms
52ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=IqA9DpBOUJevxkykws9RiIBs&k=6LdjWrIaAAAAAArGwFNJzZI_FJmUxq4u4jmb-_id

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

513a16cb0faca711a3bfcbfa9db86fd1d96dc587a01544a79d06e429a9f44aa1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1-dOR7KgYq2--DXVrgI5oA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fc-lc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1154
content-security-policy: script-src 'report-sample' 'nonce-1-dOR7KgYq2--DXVrgI5oA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 22 Jun 2023 22:46:06 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ Frame 23CC 55 KB
24 KB 115ms
114ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=IqA9DpBOUJevxkykws9RiIBs&k=6LdjWrIaAAAAAArGwFNJzZI_FJmUxq4u4jmb-_id

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:14:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181869
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:10:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Jun 2024 20:14:58 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ Frame 23CC 430 KB
173 KB 117ms
116ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=IqA9DpBOUJevxkykws9RiIBs&k=6LdjWrIaAAAAAArGwFNJzZI_FJmUxq4u4jmb-_id

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6641802b38de413be901d3ff3ae118ff845db8129b991ec526a269ec8cec38c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 20:57:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6529
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 176663
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:10:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Jun 2024 20:57:18 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 23CC 40 KB
24 KB 84ms
84ms XHR
application/json 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LdjWrIaAAAAAArGwFNJzZI_FJmUxq4u4jmb-_id

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

315dff486dd8b3e94f3f114b2c2c6220a5104b3d53f23ce900dac3aae3575de7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=IqA9DpBOUJevxkykws9RiIBs&k=6LdjWrIaAAAAAArGwFNJzZI_FJmUxq4u4jmb-_id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Thu, 22 Jun 2023 22:46:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 1; mode=block
expires: Thu, 22 Jun 2023 22:46:07 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 23CC 600 B
624 B 40ms
40ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 03:01:22 GMT
x-content-type-options: nosniff
age: 589485
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 23 Jun 2023 03:01:22 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 23CC 530 B
554 B 42ms
41ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 18:31:39 GMT
x-content-type-options: nosniff
age: 447268
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 24 Jun 2023 18:31:39 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 23CC 665 B
689 B 42ms
41ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:30:32 GMT
x-content-type-options: nosniff
age: 450935
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 24 Jun 2023 17:30:32 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 23CC 15 KB
15 KB 41ms
40ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 00:06:15 GMT
x-content-type-options: nosniff
age: 167992
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Jun 2024 00:06:15 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 23CC 15 KB
15 KB 61ms
60ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 03:41:14 GMT
x-content-type-options: nosniff
age: 587093
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Jun 2024 03:41:14 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 23CC 15 KB
15 KB 43ms
42ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:47:45 GMT
x-content-type-options: nosniff
age: 449902
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Jun 2024 17:47:45 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame 23CC 49 KB
49 KB 62ms
60ms Image
image/jpeg 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AL8dmw8orP_iOBCqi_EjkKIZpP1qNiUI8uIGhSyehmelK2tgEAXVCv_PEE3ihP-Qs468-uPxPUsJrR3PZBBs7f6moBMRnVuW32JLa5snKBQGdWw_POfxmxVVQMU66O_6p1qKt10x9q68z2iKNTTFs-eSDP4BaWGibpiccphpivoosW_p6croNVeV-WUjMnJMVIt0xP-fRdHXJ1Eld6VtSEbswDf9DmrWAA&k=6LdjWrIaAAAAAArGwFNJzZI_FJmUxq4u4jmb-_id

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f851579716cc30b2c866700f8386a8d7e91aa88893f20380148c7b3130180ed5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=IqA9DpBOUJevxkykws9RiIBs&k=6LdjWrIaAAAAAArGwFNJzZI_FJmUxq4u4jmb-_id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:46:07 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50401
x-xss-protection: 1; mode=block
expires: Thu, 22 Jun 2023 22:46:07 GMT

GET
H2 200 IEoUT2CPzuXhmDZ6rNhADhF9cnYLi7UD1wX3pDuwWUjAm3Cqqmd93wgvi-I4N0C-2-a64bpubUfJwwRD_73wiGiK7gYlLQz_Z0ysIKcUeU-whLPtH5Ld-9jYXIUDiqZFxt5Bcit-ogwYFUzbSMevSISVo6qjuXn3kbWSdH-Fw2BiqTh_GN5wuT1l4tZHEjaMc-9u-...
forfrogadiertor.com/impression/ 43 B
421 B 59ms
58ms Image
image/gif 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forfrogadiertor.com/impression/IEoUT2CPzuXhmDZ6rNhADhF9cnYLi7UD1wX3pDuwWUjAm3Cqqmd93wgvi-I4N0C-2-a64bpubUfJwwRD_73wiGiK7gYlLQz_Z0ysIKcUeU-whLPtH5Ld-9jYXIUDiqZFxt5Bcit-ogwYFUzbSMevSISVo6qjuXn3kbWSdH-Fw2BiqTh_GN5wuT1l4tZHEjaMc-9u-xyoAz-luQi9G9tOQ-tPKRVc19QTFyfx7q75agKg4V8iKszxKl59i9O8-8-DAHoe_YDvB-a82oe9oPak3kOCip9TCvjPx6zmz_mjp0TbKu7mbl3lv4hL_WrvMh9fWQdGjKGSNXrxpmzjnOjlctPCw8KPtEjU0pHIWZhxhdTjppUBqtv9kbd1xsC7P97uT_uqcYivHZ6NKWVkq5cjticQ-911T_UPpF7IwajL9fmy4r35iaszjhznMsvqZSWe6JLIm_en-2QVje0peB_psuJMsy4AHGQTDEd5SNCyG58dZwbAJl-LeloCpEXcpXGu3E9F9y6_WuqO3h9loRU3rSJX6CmFYFi3Uye0BLMsqtXZSgh01R-v3xvklnLP1aaStmw4PPjpvUEhLptMv1Db5Zy2d_CV2uId61aGOGC-8Q2ycRv_VMVyeTabkq6hnf7o4BYktS-Guh98TkV2E55xv7IERoZSqVNZCz4woDd_E_SQQcF5h2gcQfu2hNDKmtdwm8hAtKJ4veehDFGGM3XS7kaiBzV5bXQWV0ccs38v3YVkALIagIGmhE5jYrPUaFhh4JBrEYT_OYV4weJB5HbX9XCL9QkJOTgGkl8tL8_1Cd6LWghqzSKF48V7X2OCW0GEZnqJ5PeA7bevOc-EGYKTzPLIMD247sZRg_YMsp42rgVEIp004038-xIFlQWRvNcykThekK9EXQRzBPNKGKORqKx5ZaoWs5jSduujF7g13HW-YLHGI8k8Gq78rh5ybur8PIGWwlKWJWvLlnhf5410EI9GQZffrei1U9VQ8WOE0odR-M8dO1FxsCnP1gldpkGJD5qiEIVi3i1BANUbhl2K9Q7PCVPrdRN-g0F2o-IN5tr2yc_uGOBVFT1bLeKiBJ5mOyEDpwOHL0Zc-1xXkXZZy_JAh2u9rVE0WTyF4ZyuJizK1RVjKC3VVscU2ASP_UoqO8XnUyxSAFmjjZk6wnlRV3EcBtL9oRjB9xa9qMsMbV4yxTMDBGriZlunva2EWwS7cQBq71Nxhy5_9Yat7O6PSvF1V078LSWEtQ_nbT0HVTpXAg1rrBulp5E1VZ0x8JXlut70j3dcnJTBC0Mzt77ZH7TeeI_JcoQ71QE99UJXEK7agr-3niXJEHpwiOFV0MD3TA0ONY3Rkbc-OrHYScaHarc4_UteuM7rkPrP7o_oWX0EPpMhqRhdjw==?_z=4991594&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=4&pl=https%3A%2F%2Ffc-lc.com%2FSKETCHUP2022&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fc-lc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-trace-id: 02d847109c6c8eb6796eac3341ab1413
pragma: no-cache
date: Thu, 22 Jun 2023 22:46:11 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
content-length: 43
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET 64751b2ff003at1685396271r6995.jpg.webp
i.cdnkimg.com/auto/192/q85/image/vk/7738/738/ 0
0

GET
H2 200 64751b2ff003at1685396271r6995.jpg.webp
i.cdnkimg.com/auto/192/q85/image/vk/7738/738/ Frame 6E6B 14 KB
14 KB 86ms
86ms Image
image/webp 45.133.44.37
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.cdnkimg.com/auto/192/q85/image/vk/7738/738/64751b2ff003at1685396271r6995.jpg.webp
Requested by: Host: forfrogadiertor.com
URL: https://forfrogadiertor.com/400/4991594
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.37 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: 764a135ba7cc9fe474a44f4fc868024b194d240d4d526be0278337cc3482941c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Thu, 06 Jul 2023 22:46:11 GMT
date: Thu, 22 Jun 2023 22:46:11 GMT
server: nginx/1.23.2
x-cache-status: MISS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1209600
content-length: 13868
x-proxy-cache: HIT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 51ms
42ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-69R08YB489&gtm=45je36l0&_p=130533892&cid=1925287395.1687473966&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&ngs=1&_s=2&sid=1687473966&sct=1&seg=0&dl=https%3A%2F%2Ffc-lc.com%2FSKETCHUP2022&dt=&en=scroll&epn.percent_scrolled=90&_et=5
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-69R08YB489&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fc-lc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jun 2023 22:46:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fc-lc.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET 4991594
forfrogadiertor.com/500/ 0
0

OPTIONS
H2 200 4991594
forfrogadiertor.com/500/ Frame 0
0 46ms
46ms Preflight 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://forfrogadiertor.com/500/4991594?excludes=14061720&oaid=1afc6f47aa8f4b828d7188cf5b98d770&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=5&pl=https%3A%2F%2Ffc-lc.com%2FSKETCHUP2022&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://fc-lc.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://fc-lc.com
access-control-max-age: 600
allow: GET, OPTIONS
content-length: 0
date: Thu, 22 Jun 2023 22:46:11 GMT
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: *
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: i.cdnkimg.com
URL: https://i.cdnkimg.com/auto/192/q85/image/vk/7738/738/64751b2ff003at1685396271r6995.jpg.webp

Domain: forfrogadiertor.com
URL: https://forfrogadiertor.com/500/4991594?excludes=14061720&oaid=1afc6f47aa8f4b828d7188cf5b98d770&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=5&pl=https%3A%2F%2Ffc-lc.com%2FSKETCHUP2022&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 17:03:45	Name: _GRECAPTCHA Value: 09ALyjir_D5o0KMJDS8HST6JWd2zWDqnZCcL3UKKww8Z1GiyXP7QDwEmz0BxVKIDrSO5f7dMiFh0y_4Yze2gkRIwc
fc-lc.com/	1969-12-31 23:59:59	Name: AppSession Value: 45mn5dh79kqckr91r6u9f600m1
fc-lc.com/	1969-12-31 23:59:59	Name: visitor_cookie Value: YToyOntzOjI6ImlwIjtzOjIwOiIyYTAxOjRhMDoxMzM4OjkyOjoxMiI7czo0OiJkYXRlIjtzOjE5OiIyMDIzLTA2LTIyIDIyOjQ2OjA1Ijt9
i.gyazo.com/	1970-01-20 22:20:33	Name: Gyazo_cfwoker Value: i
bedrapiona.com/	1970-01-20 21:30:09	Name: OAID Value: 1afc6f47aa8f4b828d7188cf5b98d770
bedrapiona.com/	1970-01-20 21:30:09	Name: oaidts Value: 1687473966
cheeroredraw.com/	1970-01-20 12:46:00	Name: GL_UI4 Value: eJw9jd1OhDAYRPln1QWdhAfwEWiBXW%2BND%2BElaekniwvtplSIb29joldzMjmTCYIgqh4RblmC%2BEt0eH458UbyliuSbcOajncNZ0oKdpYnfuYd7qa1d0LO5BIc1kVY17stwXEkTXYa%2BsEoKvDkrb%2Fmqs2uE6TSCq0KpIs35gK5tGZfyVYxEi0WQvZ2scZnuohPYxEz1nqetOewRmTWKi7vkb9PWvlheUTE6rLMAjzcZuE%2BjF36SWUh0tEKRQhfcRiEo9HYb%2BSK1qszN8DMqv%2F3f3%2FjndXIFG3T4M%2BNu5D9AWmMTYI%3D
cheeroredraw.com/	1970-01-20 12:46:00	Name: GL_GI10 Value: eJwljsEKwjAYg9tf101w1cBuXnwBhwpTz9Xhda8wa9WidqMbA9%2FeiodACB9JGGOUpSDbYnpY59uiyPf5Zr0Dv4NOJUg7xGfj37X7gPtAepeC6yCL9Nh4s1K1fl4aZ0CuwyREbePr3oC3goP6RlCot9lUkhzJBEIZ%2F7IuFGmQKmUs51IgOpUr9ZvTmPzsn%2BGPSKbjgL7G4B1mlfE3o%2Ftl5e1Q63CoD%2FkQgbprxuRCJF9H5CtD
.fc-lc.com/	1970-01-20 22:20:33	Name: _ga_69R08YB489 Value: GS1.1.1687473966.1.0.1687473966.0.0.0
.fc-lc.com/	1970-01-20 22:20:33	Name: _ga Value: GA1.2.1925287395.1687473966
.fc-lc.com/	1970-01-20 12:46:00	Name: _gid Value: GA1.2.1691596207.1687473966
.fc-lc.com/	1970-01-20 12:44:34	Name: _gat_gtag_UA_90563943_1 Value: 1
my.rtmark.net/	1970-01-20 21:30:09	Name: ID Value: 1afc6f47aa8f4b828d7188cf5b98d770
fc-lc.com/	1970-01-20 12:44:34	Name: prefetchAd_4910016 Value: true
dudialgator.com/	1970-01-20 21:30:09	Name: OAID Value: 1afc6f47aa8f4b828d7188cf5b98d770
dudialgator.com/	1970-01-20 21:30:09	Name: oaidts Value: 1687473966
dudialgator.com/	1970-01-20 12:54:38	Name: syncedCookie Value: true
oaphoace.net/	1970-01-20 21:30:09	Name: OAID Value: 1afc6f47aa8f4b828d7188cf5b98d770
forfrogadiertor.com/	1970-01-20 21:30:09	Name: OAID Value: 1afc6f47aa8f4b828d7188cf5b98d770

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bedrapiona.com
cdnjs.cloudflare.com
cheeroredraw.com
dudialgator.com
fc-lc.com
fc.lc
fleraprt.com
fonts.googleapis.com
fonts.gstatic.com
forfrogadiertor.com
i.cdnkimg.com
i.gyazo.com
iclickcdn.com
my.rtmark.net
oaphoace.net
region1.google-analytics.com
tzegilo.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
forfrogadiertor.com
i.cdnkimg.com
139.45.195.254
139.45.195.8
139.45.197.234
139.45.197.237
139.45.197.239
2001:4860:4802:32::36
23.109.87.190
2606:4700:20::681a:d76
2606:4700:3032::ac43:aaf0
2606:4700:3037::6815:5822
2606:4700::6811:180e
2606:4700::6812:8b2
2606:4700:e6::ac40:cc11
2a00:1450:4001:80f::2003
2a00:1450:4001:811::200e
2a00:1450:4001:813::200a
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2004
45.133.44.37
02135f8ec8ab2d9f43ec465bfc82260c3c65f00759b214db10ea989fe0584da8
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
147b08aa6afaa0b704ebedb56d0b146a7e33600a971e5d20773b3371db70be11
162c78a55a2a04111b48bc21c1eeae420fe49b0d275a1f02bc9059bf829cdaa1
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1e9ec37017f28b29fcc0de5ceabbb0a254c155c93cf62d2125a793c998a415a5
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
315dff486dd8b3e94f3f114b2c2c6220a5104b3d53f23ce900dac3aae3575de7
32bdbc7aa942ed3cc380c72be1c45147f4d7ec5e6b5b084f6527a46022314958
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
47d66fb4053c7e0f8f6ef0aabf27d7cd61624b48239ca369f2de0dfa139487e2
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
513a16cb0faca711a3bfcbfa9db86fd1d96dc587a01544a79d06e429a9f44aa1
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
63f957dde1ae04a83eaff7e442e693725562c4aa1062bc072b7509640ec4f663
6641802b38de413be901d3ff3ae118ff845db8129b991ec526a269ec8cec38c5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70767bdfc8bc63807c0e9b1e8780386fac1e53c8ab322b88a028fccbd00d782f
764a135ba7cc9fe474a44f4fc868024b194d240d4d526be0278337cc3482941c
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
83521aad7c96625246ef4168f1d84d12b0652e8eb61ad0875066fee1fa797daf
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
89e38ae45e4ab6870530ad77bc793c32dcb03a600156b9930ffe3104f6702b25
92bf8639f023fd0fae50386f1d3047defe734a55a427ff0d9a9ecee9c6429795
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
a678c4996f3af19954605ff0cbb95c2a1880c522da930831c8d20c08a101ac62
b5835dc266f17e75548250795788e45b2249b30fd3278433d390cd46ba662d86
b62d3ff7ec9f5543b6d6a2429170ed375b550d869b90d9886464143cd89b83ef
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
bad26f37947717a5b9564dd23d44644d869182f7f9830bf5fae2dd26c16fa021
bc7fec83e5c85b5d38d479c64fae62b965d865b3fec0839b7279d6ac7eb42353
c4f1d539388eb7159db00ea23fc4bc1bb06ecabc34585a287e90d77c0c9e4462
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e6c486f75d3302aae5a1bfff94e732126ff4741d535aa6815f89f2da97199b
e89cfc847b788147312e8fd04c1a03705f6522d206f6ad9fc8c51d23c3c31c0d
f851579716cc30b2c866700f8386a8d7e91aa88893f20380148c7b3130180ed5
ffbeb2405f047f648199d3e9e6a24b5871fc7e294c4c8be4277c43218a6c67b0

fc-lc.com Open in urlscan Pro 2606:4700:3032::ac43:aaf0 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

54 Requests

96 %HTTPS

65 %IPv6

19 Domains

21 Subdomains

21 IPs

4 Countries

1190 kBTransfer

2746 kBSize

19 Cookies

0 Outgoing links

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

fc-lc.com Open in urlscan Pro
2606:4700:3032::ac43:aaf0 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

96 %
HTTPS

65 %
IPv6

19
Domains

21
Subdomains

21
IPs

4
Countries

1190 kB
Transfer

2746 kB
Size

19
Cookies

54 HTTP transactions
0 data transactions