client.goldenfast.net Open in urlscan Pro
103.28.12.63 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://client.goldenfast.net/
Submission: On February 22 via automatic, source certstream-suspicious (February 22nd 2022, 10:29:44 am UTC) — Scanned from DE

Summary HTTP 47 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 17 IPs in 5 countries across 14 domains to perform 47 HTTP transactions. The main IP is 103.28.12.63, located in Indonesia and belongs to QWORDS-AS-ID PT Qwords Company International, ID. The main domain is client.goldenfast.net.
TLS certificate: Issued by Entrust Certification Authority - L1M on March 19th 2020. Valid for: 2 years.

This is the only time client.goldenfast.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	103.28.12.63 103.28.12.63	58404 (QWORDS-AS...) (QWORDS-AS-ID PT Qwords Company International)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	103.28.12.154 103.28.12.154	58404 (QWORDS-AS...) (QWORDS-AS-ID PT Qwords Company International)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
47	17

15 103.28.12.63 (Indonesia)

ASN58404 (QWORDS-AS-ID PT Qwords Company International, ID)
PTR: client.goldenfast.net

client.goldenfast.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 103.28.12.154 (Indonesia)

ASN58404 (QWORDS-AS-ID PT Qwords Company International, ID)
PTR: goldenfast.net

livechat.qwords.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	goldenfast.net client.goldenfast.net	801 KB
8	qwords.com livechat.qwords.com portal.qwords.com Failed	241 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 ajax.googleapis.com — Cisco Umbrella Rank: 250	85 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6342	655 B
2	google.com www.google.com — Cisco Umbrella Rank: 2	655 B
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 stats.g.doubleclick.net — Cisco Umbrella Rank: 67	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	386 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	114 KB
2	gstatic.com fonts.gstatic.com	91 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 99	15 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	51 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 197	7 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 546	76 KB
47	14

	Domain	Requested by
15	client.goldenfast.net	client.goldenfast.net
8	livechat.qwords.com	client.goldenfast.net livechat.qwords.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.google.de	client.goldenfast.net
2	www.google.com	client.goldenfast.net
2	www.facebook.com	client.goldenfast.net
2	connect.facebook.net	client.goldenfast.net connect.facebook.net
2	fonts.gstatic.com	fonts.googleapis.com
2	ajax.googleapis.com	client.goldenfast.net
2	fonts.googleapis.com	client.goldenfast.net livechat.qwords.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.googletagmanager.com	client.goldenfast.net
1	cdnjs.cloudflare.com	client.goldenfast.net
1	code.jquery.com	client.goldenfast.net
0	portal.qwords.com Failed
47	17

This site contains links to these domains. Also see Links.

Domain
www.qwords.com
goldenfast.net

Subject Issuer	Validity	Valid
www.goldenfast.net Entrust Certification Authority - L1M	`2020-03-19` - `2022-03-01`	2 years	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.qwords.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-09` - `2022-09-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-01` - `2022-03-01`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://client.goldenfast.net/
Frame ID: 7D0326C5EC9BD06F2E9B609D5FB9E9EF
Requests: 38 HTTP requests in this frame

Frame: https://livechat.qwords.com/livehelp/scripts/app.min.js
Frame ID: C218D596170D427D8D3F5F95550592B7
Requests: 5 HTTP requests in this frame

Frame: data://truncated
Frame ID: BBFB1FBBADDFE4B949EDBFA4C8963B12
Requests: 5 HTTP requests in this frame

Frame: data://truncated
Frame ID: E83ECFE79B5D10DEB6384D74C717FD87
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Beranda - Goldenfast Networks

Detected technologies

Cart Functionality (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

<a[^>]*href=[^>]*/Cart

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<script [^>]*src="[^"]*/popper\.js/([0-9.]+)
/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

47
Requests

98 %
HTTPS

81 %
IPv6

14
Domains

17
Subdomains

17
IPs

5
Countries

1504 kB
Transfer

3647 kB
Size

7
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.qwords.com/dedicated-server/virtual-dedicated-server/
Title: Cloud VPS

Search URL Search Domain Scan URL

URL: https://www.qwords.com/dedicated-server/virtual-dedicated-server-kvm
Title: Cloud VPS KVM

Search URL Search Domain Scan URL

URL: https://www.qwords.com/dedicated-box-server/virtual-dedicated-server-double-speed/
Title: Cloud VPS D

Search URL Search Domain Scan URL

URL: https://www.qwords.com/dedicated-server/dedicated-box/
Title: Dedicated Server

Search URL Search Domain Scan URL

URL: https://www.qwords.com/dedicated-server/colocation/
Title: Colocation Server

Search URL Search Domain Scan URL

URL: https://goldenfast.net/services/colocation-server/cross-connect/
Title: Cross Connect

Search URL Search Domain Scan URL

URL: https://www.qwords.com/services/ftp-backup/
Title: Backup Storage

Search URL Search Domain Scan URL

URL: https://www.qwords.com/licenses/
Title: Software Licensing

Search URL Search Domain Scan URL

URL: https://www.qwords.com/manage-the-box-dedicated-colocation-server/
Title: Manage The Box

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
client.goldenfast.net/ 23 KB
5 KB 1245ms
560ms Document
text/html 103.28.12.63
QWORDS-AS-ID PT Q...

General

Check archive.org

Show headers Download Go to

Full URL

https://client.goldenfast.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.28.12.63 , Indonesia, ASN58404 (QWORDS-AS-ID PT Qwords Company International, ID),

Reverse DNS

client.goldenfast.net

Software

Apache /

Resource Hash

cc3423d6b1d4d8c3f60329a710762e2b0ecd70c0c100f3ed98e5645b4445a29f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 22 Feb 2022 10:29:36 GMT
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 max-age=0, no-cache, s-maxage=10
pragma: no-cache
x-mod-pagespeed: 1.13.35.2-0
vary: Accept-Encoding,User-Agent
content-encoding: br
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 4763
content-type: text/html; charset=utf-8

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 133ms
50ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600|Raleway:400,700

Requested by

Host: client.goldenfast.net
URL: https://client.goldenfast.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2eef5c3f998f7a958e9656a8bc50264f52b0b699ee81cfc47c4b9312b0245129

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.goldenfast.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 22 Feb 2022 09:21:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 22 Feb 2022 10:29:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Feb 2022 10:29:37 GMT

GET
H2 200 carousel.css
client.goldenfast.net/templates/seven/assets/css/ 5 KB
1 KB 182ms
179ms Stylesheet
text/css 103.28.12.63
QWORDS-AS-ID PT Q...

General

Check archive.org

Show headers Download Go to

Full URL

https://client.goldenfast.net/templates/seven/assets/css/carousel.css

Requested by

Host: client.goldenfast.net
URL: https://client.goldenfast.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.28.12.63 , Indonesia, ASN58404 (QWORDS-AS-ID PT Qwords Company International, ID),

Reverse DNS

client.goldenfast.net

Software

Apache /

Resource Hash

febc73992510ac8b7bf839ef4f81382dda278a81ee12eb14b1bccef1008f0687

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.goldenfast.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 10:29:37 GMT
content-encoding: br
vary: Accept-Encoding,User-Agent
last-modified: Fri, 27 Sep 2019 07:29:50 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=0
accept-ranges: bytes
content-length: 968
x-xss-protection: 1; mode=block
expires: Tue, 22 Feb 2022 10:29:37 GMT

GET
H2 200 all.min.css
client.goldenfast.net/templates/seven/assets/css/ 208 KB
33 KB 571ms
568ms Stylesheet
text/css 103.28.12.63
QWORDS-AS-ID PT Q...

General

Check archive.org

Show headers Download Go to

Full URL

https://client.goldenfast.net/templates/seven/assets/css/all.min.css

Requested by

Host: client.goldenfast.net
URL: https://client.goldenfast.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.28.12.63 , Indonesia, ASN58404 (QWORDS-AS-ID PT Qwords Company International, ID),

Reverse DNS

client.goldenfast.net

Software

Apache /

Resource Hash

78173a3452045f8c8e1bf04c257c4e69ff6332307c590bc1a99b398396c9910f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.goldenfast.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 10:29:37 GMT
content-encoding: br
vary: Accept-Encoding,User-Agent
last-modified: Wed, 09 Oct 2019 04:42:12 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=0
accept-ranges: bytes
content-length: 33259
x-xss-protection: 1; mode=block
expires: Tue, 22 Feb 2022 10:29:37 GMT

GET
H2 200 all.css
client.goldenfast.net/templates/seven/assets/fontawesome/css/ 68 KB
12 KB 570ms
567ms Stylesheet
text/css 103.28.12.63
QWORDS-AS-ID PT Q...

General

Check archive.org

Show headers Download Go to

Full URL

https://client.goldenfast.net/templates/seven/assets/fontawesome/css/all.css

Requested by

Host: client.goldenfast.net
URL: https://client.goldenfast.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.28.12.63 , Indonesia, ASN58404 (QWORDS-AS-ID PT Qwords Company International, ID),

Reverse DNS

client.goldenfast.net

Software

Apache /

Resource Hash

3c5e8c6ad66d889f3f73d3bd1d0f2e4945ebfbe47d28162ee206cd1b9e75d561

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.goldenfast.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 10:29:37 GMT
content-encoding: br
vary: Accept-Encoding,User-Agent
last-modified: Tue, 04 Jun 2019 13:16:50 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=0
accept-ranges: bytes
content-length: 12147
x-xss-protection: 1; mode=block
expires: Tue, 22 Feb 2022 10:29:37 GMT

GET
H2 200 riza.css
client.goldenfast.net/templates/seven/assets/css/ 11 KB
2 KB 353ms
350ms Stylesheet
text/css 103.28.12.63
QWORDS-AS-ID PT Q...

General

Check archive.org

Show headers Download Go to

Full URL

https://client.goldenfast.net/templates/seven/assets/css/riza.css

Requested by

Host: client.goldenfast.net
URL: https://client.goldenfast.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.28.12.63 , Indonesia, ASN58404 (QWORDS-AS-ID PT Qwords Company International, ID),

Reverse DNS

client.goldenfast.net

Software

Apache /

Resource Hash

2bf52e350b68036b14277f3185283bebab33292c2aa76986e3361454a4e61b2b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.goldenfast.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 10:29:37 GMT
content-encoding: br
vary: Accept-Encoding,User-Agent
last-modified: Tue, 08 Oct 2019 09:11:06 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=0
accept-ranges: bytes
content-length: 2310
x-xss-protection: 1; mode=block
expires: Tue, 22 Feb 2022 10:29:37 GMT

GET
H2 200 custom.css
client.goldenfast.net/templates/seven/css/ 214 B
149 B 182ms
180ms Stylesheet
text/css 103.28.12.63
QWORDS-AS-ID PT Q...

General

Check archive.org

Show headers Download Go to

Full URL

https://client.goldenfast.net/templates/seven/css/custom.css

Requested by

Host: client.goldenfast.net
URL: https://client.goldenfast.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.28.12.63 , Indonesia, ASN58404 (QWORDS-AS-ID PT Qwords Company International, ID),

Reverse DNS

client.goldenfast.net

Software

Apache /

Resource Hash

026ec03cb3e46a6224afe430e00a776e37f0d955304d662753f8debb210e2c79

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.goldenfast.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 10:29:37 GMT
content-encoding: br
vary: Accept-Encoding,User-Agent
last-modified: Fri, 20 Sep 2019 04:25:14 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=0
accept-ranges: bytes
content-length: 91
x-xss-protection: 1; mode=block
expires: Tue, 22 Feb 2022 10:29:37 GMT

GET
H2 200 jquery-3.1.0.js Show response
code.jquery.com/ 258 KB
76 KB 58ms
18ms Script
application/javascript 2001:4de0:ac18::1:a:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.1.0.js
Requested by: Host: client.goldenfast.net
URL: https://client.goldenfast.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: b25a2092f0752b754e933008f10213c55dd5ce93a791e355b0abed9182cc8df9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.goldenfast.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 10:29:37 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-40657"
vary: Accept-Encoding
x-hw: 1645525777.dop127.am5.t,1645525777.cds237.am5.hn,1645525777.cds113.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 77858

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.8.5/ 191 KB
50 KB 172ms
84ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.5/jquery-ui.min.js

Requested by

Host: client.goldenfast.net
URL: https://client.goldenfast.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ceb1ee966a9c53ad44893892025d76301d124e3dae82d4e5105e2ec2f43772f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.goldenfast.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 21:08:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 566471
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50622
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Feb 2023 21:08:26 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 94 KB
33 KB 127ms
40ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

Requested by

Host: client.goldenfast.net
URL: https://client.goldenfast.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.goldenfast.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 19:47:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 225732
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33434
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Feb 2023 19:47:25 GMT

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ 19 KB
7 KB 35ms
17ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js

Requested by

Host: client.goldenfast.net
URL: https://client.goldenfast.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://client.goldenfast.net/
Origin: https://client.goldenfast.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 10:29:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 770146
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6157
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-4af4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8SwvjJefUU2zjEb%2Fohb%2BZVfasxx4o%2FxCVHV%2FmhtWtPtiVuaoZJxmuVSHgeWMfVzx8nCvauVqvIHiyq31WbEYOxZrL%2BGaK5cyWqeysxXGX%2FmpNi2pTZz59Ssa67nTNQb9ToBVTMHqv3XnjRx4L%2BiCOQZR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e1788cd5ba08fec-FRA
expires: Sun, 12 Feb 2023 10:29:37 GMT

GET
H2 200 bootstrap.min.js.pagespeed.jm.Rd0OyYl9HU.js Show response
client.goldenfast.net/templates/seven/js/ 48 KB
13 KB 183ms
181ms Script
application/javascript 103.28.12.63
QWORDS-AS-ID PT Q...

General

Check archive.org

Show headers Download Go to

Full URL

https://client.goldenfast.net/templates/seven/js/bootstrap.min.js.pagespeed.jm.Rd0OyYl9HU.js

Requested by

Host: client.goldenfast.net
URL: https://client.goldenfast.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.28.12.63 , Indonesia, ASN58404 (QWORDS-AS-ID PT Qwords Company International, ID),

Reverse DNS

client.goldenfast.net

Software

Apache /

Resource Hash

4f832eb2e911cb43614e2b9be7083e8c40cc5fefc8512f59b6b5c4ff468841d5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.goldenfast.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 10:29:37 GMT
content-encoding: gzip
x-original-content-length: 48944
server: Apache
x-frame-options: SAMEORIGIN
etag: W/"0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
last-modified: Thu, 03 Feb 2022 13:45:54 GMT
accept-ranges: bytes
content-length: 12893
x-xss-protection: 1; mode=block
expires: Fri, 03 Feb 2023 13:45:54 GMT

GET
H2 200 scripts.min.js.pagespeed.jm.rlq89LmPW2.js Show response
client.goldenfast.net/templates/seven/assets/js/ 587 KB
165 KB 352ms
351ms Script
application/javascript 103.28.12.63
QWORDS-AS-ID PT Q...

General

Check archive.org

Show headers Download Go to

Full URL

https://client.goldenfast.net/templates/seven/assets/js/scripts.min.js.pagespeed.jm.rlq89LmPW2.js

Requested by

Host: client.goldenfast.net
URL: https://client.goldenfast.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.28.12.63 , Indonesia, ASN58404 (QWORDS-AS-ID PT Qwords Company International, ID),

Reverse DNS

client.goldenfast.net

Software

Apache /

Resource Hash

492d5b5866f9494c866759b671b4b8dd64d6e6c63b11f6a838b864eb6f371e26

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.goldenfast.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 10:29:37 GMT
content-encoding: gzip
x-original-content-length: 601324
server: Apache
x-frame-options: SAMEORIGIN
etag: W/"0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
last-modified: Sun, 30 Jan 2022 07:34:35 GMT
accept-ranges: bytes
content-length: 167762
x-xss-protection: 1; mode=block
expires: Mon, 30 Jan 2023 07:34:35 GMT

GET
H2 200 fontawesome-all.min.css
client.goldenfast.net/assets/css/ 153 KB
27 KB 569ms
568ms Stylesheet
text/css 103.28.12.63
QWORDS-AS-ID PT Q...

General

Check archive.org

Show headers Download Go to

Full URL

https://client.goldenfast.net/assets/css/fontawesome-all.min.css

Requested by

Host: client.goldenfast.net
URL: https://client.goldenfast.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.28.12.63 , Indonesia, ASN58404 (QWORDS-AS-ID PT Qwords Company International, ID),

Reverse DNS

client.goldenfast.net

Software

Apache /

Resource Hash

2c694cfafd5c00ba4a7a2110060eb937afccfc1d7b745a319c49764fe4ef017c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.goldenfast.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 10:29:37 GMT
content-encoding: br
vary: Accept-Encoding,User-Agent
last-modified: Fri, 15 May 2020 05:33:32 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=0
accept-ranges: bytes
content-length: 27417
x-xss-protection: 1; mode=block
expires: Tue, 22 Feb 2022 10:29:37 GMT

GET
H2 200 logo1.png
client.goldenfast.net/templates/seven/assets/images/ 6 KB
6 KB 513ms
513ms Image
image/png 103.28.12.63
QWORDS-AS-ID PT Q...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://client.goldenfast.net/templates/seven/assets/images/logo1.png

Requested by

Host: client.goldenfast.net
URL: https://client.goldenfast.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.28.12.63 , Indonesia, ASN58404 (QWORDS-AS-ID PT Qwords Company International, ID),

Reverse DNS

client.goldenfast.net

Software

Apache /

Resource Hash

0e38a552316a946fd9ea789560cc96cef28082978dfe85e9a85e8f17cf11b2f4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.goldenfast.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 10:29:38 GMT
last-modified: Fri, 13 Sep 2019 04:06:38 GMT
server: Apache
x-frame-options: SAMEORIGIN
vary: User-Agent
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
content-length: 6240
x-xss-protection: 1; mode=block
expires: Tue, 22 Feb 2022 12:29:38 GMT

GET
H2 200 map-indonesia-dot-10.png
client.goldenfast.net/templates/seven/assets/images/ 181 KB
182 KB 178ms
178ms Image
image/png 103.28.12.63
QWORDS-AS-ID PT Q...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://client.goldenfast.net/templates/seven/assets/images/map-indonesia-dot-10.png

Requested by

Host: client.goldenfast.net
URL: https://client.goldenfast.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.28.12.63 , Indonesia, ASN58404 (QWORDS-AS-ID PT Qwords Company International, ID),

Reverse DNS

client.goldenfast.net

Software

Apache /

Resource Hash

fc675a6a6d70d88b5c5ff428199a75074d9477d5dbccdfc14de17c5c1171a321

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.goldenfast.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 10:29:38 GMT
last-modified: Mon, 16 Sep 2019 03:26:10 GMT
server: Apache
x-frame-options: SAMEORIGIN
vary: User-Agent
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
content-length: 185281
x-xss-protection: 1; mode=block
expires: Tue, 22 Feb 2022 12:29:38 GMT

GET
H2 200 clippy.svg
client.goldenfast.net/assets/img/ 519 B
360 B 692ms
692ms Image
image/svg+xml 103.28.12.63
QWORDS-AS-ID PT Q...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://client.goldenfast.net/assets/img/clippy.svg

Requested by

Host: client.goldenfast.net
URL: https://client.goldenfast.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.28.12.63 , Indonesia, ASN58404 (QWORDS-AS-ID PT Qwords Company International, ID),

Reverse DNS

client.goldenfast.net

Software

Apache /

Resource Hash

686d81e030899b477865d67a01fe34e83d8e68aa8da91a59205ad3e901a3ec71

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.goldenfast.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 10:29:38 GMT
content-encoding: br
vary: Accept-Encoding,User-Agent
last-modified: Fri, 15 May 2020 05:33:32 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 290
x-xss-protection: 1; mode=block
expires: Wed, 22 Feb 2023 10:29:38 GMT

GET
H/1.1 200
OK js.min.js Show response
livechat.qwords.com/livehelp/scripts/ 1 KB
1 KB 1453ms
180ms Script
application/javascript 103.28.12.154
QWORDS-AS-ID PT Q...

General

Check archive.org

Show headers Download Go to

Full URL: https://livechat.qwords.com/livehelp/scripts/js.min.js
Requested by: Host: client.goldenfast.net
URL: https://client.goldenfast.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.28.12.154 , Indonesia, ASN58404 (QWORDS-AS-ID PT Qwords Company International, ID),
Reverse DNS: goldenfast.net
Software: nginx /
Resource Hash: 74c7b99d772ec38ee1927a22a3841975b45d1773d447860ab700dd7177997d34

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.goldenfast.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 10:29:40 GMT
Content-Encoding: gzip
Last-Modified: Thu, 06 Feb 2020 23:03:44 GMT
Server: nginx
ETag: W/"5e3c9b50-5ef"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 134 KB
51 KB 152ms
67ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBBKMXS

Requested by

Host: client.goldenfast.net
URL: https://client.goldenfast.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f30fad6383a581442580591be92fd61b7fc2a4c811579faf7b12f3d98045bb0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.goldenfast.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 10:29:38 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51365
x-xss-protection: 0
last-modified: Tue, 22 Feb 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 22 Feb 2022 10:29:38 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v26/ 46 KB
47 KB 126ms
39ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v26/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600|Raleway:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://client.goldenfast.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 18:48:55 GMT
x-content-type-options: nosniff
age: 574843
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47312
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:15:33 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Feb 2023 18:48:55 GMT

GET
H2 200 fa-solid-900.woff2
client.goldenfast.net/assets/webfonts/ 120 KB
121 KB 1002ms
1001ms Font
font/woff2 103.28.12.63
QWORDS-AS-ID PT Q...

General

Check archive.org

Show headers Download Go to

Full URL

https://client.goldenfast.net/assets/webfonts/fa-solid-900.woff2

Requested by

Host: client.goldenfast.net
URL: https://client.goldenfast.net/assets/css/fontawesome-all.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.28.12.63 , Indonesia, ASN58404 (QWORDS-AS-ID PT Qwords Company International, ID),

Reverse DNS

client.goldenfast.net

Software

Apache /

Resource Hash

550f1ae5d566afed493ab8b5f1dd1b4d5a777ef19d1b3c57bf7b01025fefd38c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://client.goldenfast.net/assets/css/fontawesome-all.min.css
Origin: https://client.goldenfast.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 10:29:39 GMT
content-encoding: br
last-modified: Fri, 15 May 2020 05:33:32 GMT
server: Apache
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: font/woff2
cache-control: s-maxage=10
accept-ranges: bytes
content-length: 123137
x-xss-protection: 1; mode=block

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 169ms
83ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600|Raleway:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://client.goldenfast.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 00:14:34 GMT
x-content-type-options: nosniff
age: 555304
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Feb 2023 00:14:34 GMT

GET
H2 200 fa-regular-400.woff2
client.goldenfast.net/assets/webfonts/ 149 KB
149 KB 1002ms
1002ms Font
font/woff2 103.28.12.63
QWORDS-AS-ID PT Q...

General

Check archive.org

Show headers Download Go to

Full URL

https://client.goldenfast.net/assets/webfonts/fa-regular-400.woff2

Requested by

Host: client.goldenfast.net
URL: https://client.goldenfast.net/assets/css/fontawesome-all.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.28.12.63 , Indonesia, ASN58404 (QWORDS-AS-ID PT Qwords Company International, ID),

Reverse DNS

client.goldenfast.net

Software

Apache /

Resource Hash

e689270b831964b3fbff3e17fdc3be952cd831cef717bd5ef39bcf0199c4feae

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://client.goldenfast.net/assets/css/fontawesome-all.min.css
Origin: https://client.goldenfast.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 10:29:39 GMT
content-encoding: br
last-modified: Fri, 15 May 2020 05:33:32 GMT
server: Apache
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: font/woff2
cache-control: s-maxage=10
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 2019-09-19.jpg
client.goldenfast.net/templates/seven/assets/images/ 82 KB
83 KB 618ms
618ms Image
image/jpeg 103.28.12.63
QWORDS-AS-ID PT Q...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://client.goldenfast.net/templates/seven/assets/images/2019-09-19.jpg

Requested by

Host: client.goldenfast.net
URL: https://client.goldenfast.net/templates/seven/assets/css/riza.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.28.12.63 , Indonesia, ASN58404 (QWORDS-AS-ID PT Qwords Company International, ID),

Reverse DNS

client.goldenfast.net

Software

Apache /

Resource Hash

5393dccd3312e822108bc7c82a871773453696725809f1bcdafc22980366ef07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.goldenfast.net/templates/seven/assets/css/riza.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 10:29:39 GMT
x-content-type-options: nosniff
x-original-content-length: 404853
server: Apache
etag: W/"PSA-aj--kYLDg7hro"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=926436
accept-ranges: bytes
content-length: 84398
x-xss-protection: 1; mode=block
expires: Sat, 05 Mar 2022 03:50:16 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 125ms
39ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBBKMXS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.goldenfast.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1487
date: Tue, 22 Feb 2022 10:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 22 Feb 2022 12:04:52 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 141ms
57ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBBKMXS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.goldenfast.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 10:29:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14879
x-xss-protection: 0
server: cafe
etag: 17635014576153706337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 22 Feb 2022 10:29:39 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 22ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: client.goldenfast.net
URL: https://client.goldenfast.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.goldenfast.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26236
x-xss-protection: 0
pragma: public
x-fb-debug: L8TnlBBxopL4wlyqHfL6QzrpsR1HvGAvHMf0fWSpvywpa9phnzIbTjJMVtuys2H5JRPx5uhcR9pkjzek1L/vFA==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Tue, 22 Feb 2022 10:29:38 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1549866071732432 Show response
connect.facebook.net/signals/config/ 307 KB
88 KB 64ms
63ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1549866071732432?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a081535a164fc305df24e00bcea27b7f10f713d5199902a1bc88cb7e077d676b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.goldenfast.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: jIgRckUBHp0UYDqNooyzwzJi3NHvGh9xrMU56TIYM2UitILcos4uUogtjCw8kJEQB7vmiKBJAd5awwbzCsdbMw==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 22 Feb 2022 10:29:39 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 23ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1549866071732432&ev=PageView&dl=https%3A%2F%2Fclient.goldenfast.net%2F&rl=&if=false&ts=1645525779070&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.1.1645525779069.265874619&it=1645525778982&coo=false&rqm=GET

Requested by

Host: client.goldenfast.net
URL: https://client.goldenfast.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.goldenfast.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 10:29:39 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Tue, 22 Feb 2022 10:29:39 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 93ms
46ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2094255559&t=pageview&_s=1&dl=https%3A%2F%2Fclient.goldenfast.net%2F&ul=en-us&de=UTF-8&dt=Beranda%20-%20Goldenfast%20Networks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAAC~&jid=1690320628&gjid=1516513412&cid=1997172911.1645525779&tid=UA-2530834-15&_gid=1747808062.1645525779&_r=1&gtm=2wg2g0TBBKMXS&z=1383072397

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://client.goldenfast.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 10:29:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://client.goldenfast.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/948916342/ 2 KB
2 KB 131ms
48ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/948916342/?random=1645525779097&cv=9&fst=1645525779097&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fclient.goldenfast.net%2F&tiba=Beranda%20-%20Goldenfast%20Networks&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3efab2f517169119407760d3832bc19d6c09da3cc152b430989cf0e4e85b6e30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.goldenfast.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 10:29:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1015
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
446 B 57ms
18ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-2530834-15&cid=1997172911.1645525779&jid=1690320628&gjid=1516513412&_gid=1747808062.1645525779&_u=YGBACEAABAAAAC~&z=1199977458

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://client.goldenfast.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 22 Feb 2022 10:29:39 GMT
content-type: text/plain
access-control-allow-origin: https://client.goldenfast.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/948916342/ 42 B
548 B 142ms
55ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/948916342/?random=1645525779097&cv=9&fst=1645524000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2g0&sendb=1&frm=0&url=https%3A%2F%2Fclient.goldenfast.net%2F&tiba=Beranda%20-%20Goldenfast%20Networks&async=1&fmt=3&is_vtc=1&random=2642578431&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: client.goldenfast.net
URL: https://client.goldenfast.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.goldenfast.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 10:29:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/948916342/ 42 B
548 B 136ms
51ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/948916342/?random=1645525779097&cv=9&fst=1645524000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2g0&sendb=1&frm=0&url=https%3A%2F%2Fclient.goldenfast.net%2F&tiba=Beranda%20-%20Goldenfast%20Networks&async=1&fmt=3&is_vtc=1&random=2642578431&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: client.goldenfast.net
URL: https://client.goldenfast.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.goldenfast.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 10:29:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 142ms
68ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2530834-15&cid=1997172911.1645525779&jid=1690320628&_u=YGBACEAABAAAAC~&z=285891354

Requested by

Host: client.goldenfast.net
URL: https://client.goldenfast.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.goldenfast.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 10:29:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 134ms
62ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2530834-15&cid=1997172911.1645525779&jid=1690320628&_u=YGBACEAABAAAAC~&z=285891354

Requested by

Host: client.goldenfast.net
URL: https://client.goldenfast.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.goldenfast.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 10:29:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 16ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1549866071732432&ev=Microdata&dl=https%3A%2F%2Fclient.goldenfast.net%2F&rl=&if=false&ts=1645525780574&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Beranda%20-%20Goldenfast%20Networks%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.52&r=stable&ec=1&o=30&fbp=fb.1.1645525779069.265874619&it=1645525778982&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: client.goldenfast.net
URL: https://client.goldenfast.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.goldenfast.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 10:29:40 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Tue, 22 Feb 2022 10:29:40 GMT

GET
H/1.1 200
OK app.min.js Show response
livechat.qwords.com/livehelp/scripts/ Frame C218 186 KB
61 KB 369ms
368ms Script
application/javascript 103.28.12.154
QWORDS-AS-ID PT Q...

General

Check archive.org

Show headers Download Go to

Full URL: https://livechat.qwords.com/livehelp/scripts/app.min.js
Requested by: Host: livechat.qwords.com
URL: https://livechat.qwords.com/livehelp/scripts/js.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.28.12.154 , Indonesia, ASN58404 (QWORDS-AS-ID PT Qwords Company International, ID),
Reverse DNS: goldenfast.net
Software: nginx /
Resource Hash: 9b9732774338cc94344849be2fead09c7cdd5d8099f9c704c5972ad85593b76a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.goldenfast.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 10:29:40 GMT
Content-Encoding: gzip
Last-Modified: Thu, 06 Feb 2020 23:03:44 GMT
Server: nginx
ETag: W/"5e3c9b50-2e90a"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 39ms
38ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=2094255559&t=timing&_s=2&dl=https%3A%2F%2Fclient.goldenfast.net%2F&ul=en-us&de=UTF-8&dt=Beranda%20-%20Goldenfast%20Networks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=4385&pdt=1&dns=275&rrt=0&srt=560&tcp=410&dit=2576&clt=2577&_gst=2734&_gbt=2874&_cst=2505&_cbt=2725&_u=YGBACEABBAAAAC~&jid=&gjid=&cid=1997172911.1645525779&tid=UA-2530834-15&_gid=1747808062.1645525779&gtm=2wg2g0TBBKMXS&z=1567374108

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.goldenfast.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 14:29:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 71982
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200
OK settings.php
livechat.qwords.com/livehelp/ Frame 0
0 514ms
171ms Preflight
text/plain 103.28.12.154
QWORDS-AS-ID PT Q...

General

Check archive.org

Show headers Download Go to

Full URL: https://livechat.qwords.com/livehelp/settings.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.28.12.154 , Indonesia, ASN58404 (QWORDS-AS-ID PT Qwords Company International, ID),
Reverse DNS: goldenfast.net
Software: nginx / PHP/7.4.13
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://client.goldenfast.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Tue, 22 Feb 2022 10:29:41 GMT
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=60
X-Powered-By: PHP/7.4.13
Access-Control-Allow-Origin: https://client.goldenfast.net
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000

POST
H/1.1 200
OK settings.php Show response
livechat.qwords.com/livehelp/ Frame C218 421 KB
172 KB 357ms
357ms Fetch
application/json 103.28.12.154
QWORDS-AS-ID PT Q...

General

Check archive.org

Show headers Download Go to

Full URL: https://livechat.qwords.com/livehelp/settings.php
Requested by: Host: livechat.qwords.com
URL: https://livechat.qwords.com/livehelp/scripts/app.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.28.12.154 , Indonesia, ASN58404 (QWORDS-AS-ID PT Qwords Company International, ID),
Reverse DNS: goldenfast.net
Software: nginx / PHP/7.4.13
Resource Hash: 80717bfa7e5c7536c0816d32ab4111104fa0e6175f6cb81e2878723af0994a03

Request headers

Referer: https://client.goldenfast.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Tue, 22 Feb 2022 10:29:41 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/7.4.13
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://client.goldenfast.net
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=60

GET
H3 200 css
fonts.googleapis.com/ Frame C218 664 B
356 B 96ms
49ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato

Requested by

Host: livechat.qwords.com
URL: https://livechat.qwords.com/livehelp/scripts/app.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05410fbe1192a21525520421f6ddce4a065a94658a42146ae707a814926fa77d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.goldenfast.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 22 Feb 2022 10:28:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 22 Feb 2022 10:29:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Feb 2022 10:29:41 GMT

GET
DATA 200
OK truncated
/ Frame BBFB 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cd5b877c49843be7d8e2a94147da819c8a66a13040a5a4cb33edb00e53867172

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame BBFB 25 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 193b29cf0e8f5a7f7d1d24e59908e7e1aaf9cd7ec82ecb51fd8d0f7b3f7b1b46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame BBFB 48 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 39dae46ff1cb1c7e2792e09dcb65f4e8d55e009c0520aa3bd5d3914f8eb79df0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H/1.1 200
OK search-faq.php
livechat.qwords.com/livehelp/ Frame 0
0 175ms
175ms Preflight
application/json 103.28.12.154
QWORDS-AS-ID PT Q...

General

Check archive.org

Show headers Download Go to

Full URL: https://livechat.qwords.com/livehelp/search-faq.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.28.12.154 , Indonesia, ASN58404 (QWORDS-AS-ID PT Qwords Company International, ID),
Reverse DNS: goldenfast.net
Software: nginx / PHP/7.4.13
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://client.goldenfast.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Tue, 22 Feb 2022 10:29:42 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.13
Access-Control-Allow-Origin: https://client.goldenfast.net
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Encoding: gzip

GET
H/1.1 200
OK search-faq.php Show response
livechat.qwords.com/livehelp/ Frame BBFB 7 KB
2 KB 172ms
172ms Fetch
application/json 103.28.12.154
QWORDS-AS-ID PT Q...

General

Check archive.org

Show headers Download Go to

Full URL: https://livechat.qwords.com/livehelp/search-faq.php
Requested by: Host: client.goldenfast.net
URL: https://client.goldenfast.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.28.12.154 , Indonesia, ASN58404 (QWORDS-AS-ID PT Qwords Company International, ID),
Reverse DNS: goldenfast.net
Software: nginx / PHP/7.4.13
Resource Hash: 425bebc0b63ab2e776a06ee34b6072f65d4f7d1adcd41f85ff23dba1314d178f

Request headers

Referer: https://client.goldenfast.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type: application/json

Response headers

Date: Tue, 22 Feb 2022 10:29:42 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/7.4.13
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://client.goldenfast.net
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Keep-Alive: timeout=60

GET
H/1.1 200
OK app.brand.chunk.min.js Show response
livechat.qwords.com/livehelp/scripts/ Frame C218 11 KB
4 KB 181ms
181ms Script
application/javascript 103.28.12.154
QWORDS-AS-ID PT Q...

General

Check archive.org

Show headers Download Go to

Full URL: https://livechat.qwords.com/livehelp/scripts/app.brand.chunk.min.js
Requested by: Host: livechat.qwords.com
URL: https://livechat.qwords.com/livehelp/scripts/app.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.28.12.154 , Indonesia, ASN58404 (QWORDS-AS-ID PT Qwords Company International, ID),
Reverse DNS: goldenfast.net
Software: nginx /
Resource Hash: 49c26c81458db579edd1345b4698a8f3ff8e89dc0162b6672a7ee860e679b32c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.goldenfast.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 10:29:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 06 Feb 2020 23:03:44 GMT
Server: nginx
ETag: W/"5e3c9b50-2d73"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET logo.gif
portal.qwords.com/qwadmin/templates/blend/images/ Frame BBFB 0
0

GET
DATA 200
OK truncated
/ Frame E83E 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e911a4df95fa4f00c6c79f569f81e7bd5848e3e2f248563edd293efcd38da31d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK app.smoothscroll.chunk.min.js Show response
livechat.qwords.com/livehelp/scripts/ Frame C218 4 KB
2 KB 181ms
181ms Script
application/javascript 103.28.12.154
QWORDS-AS-ID PT Q...

General

Check archive.org

Show headers Download Go to

Full URL: https://livechat.qwords.com/livehelp/scripts/app.smoothscroll.chunk.min.js
Requested by: Host: livechat.qwords.com
URL: https://livechat.qwords.com/livehelp/scripts/app.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.28.12.154 , Indonesia, ASN58404 (QWORDS-AS-ID PT Qwords Company International, ID),
Reverse DNS: goldenfast.net
Software: nginx /
Resource Hash: 30be6f6977ca3bf176e0b44a647bf642d9196f00b23587c5a249b319effc4e76

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.goldenfast.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 10:29:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 06 Feb 2020 23:03:44 GMT
Server: nginx
ETag: W/"5e3c9b50-fc2"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: portal.qwords.com
URL: https://portal.qwords.com/qwadmin/templates/blend/images/logo.gif

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
client.goldenfast.net/	1969-12-31 23:59:59	Name: WHMCSM3Yhsf5V0i0s Value: uduvl2gatjome4ipmugp17ctg6
.goldenfast.net/	1970-01-20 03:15:01	Name: _fbp Value: fb.1.1645525779069.265874619
.goldenfast.net/	1970-01-20 18:36:37	Name: _ga Value: GA1.2.1997172911.1645525779
.goldenfast.net/	1970-01-20 01:06:52	Name: _gid Value: GA1.2.1747808062.1645525779
.goldenfast.net/	1970-01-20 01:05:25	Name: _gat_UA-2530834-15 Value: 1
.doubleclick.net/	1970-01-20 01:05:26	Name: test_cookie Value: CheckForPermission
.client.goldenfast.net/	1969-12-31 23:59:59	Name: LiveHelpSession Value: 72cb3749a1c0cf58e4c6b60f05f3dd396dce2c83923be16034d7076f1ASVhFGI7Y5HWeqcumemYU3U9GC0Phl++HRCunNfcr0V14oTAqxS1lorpLUnQ3PB

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
client.goldenfast.net
code.jquery.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
livechat.qwords.com
portal.qwords.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
portal.qwords.com
103.28.12.154
103.28.12.63
142.250.186.34
2001:4de0:ac18::1:a:3b
2606:4700::6810:125e
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:813::200a
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2008
2a00:1450:4001:830::200a
2a00:1450:4001:830::200e
2a00:1450:400c:c06::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
026ec03cb3e46a6224afe430e00a776e37f0d955304d662753f8debb210e2c79
05410fbe1192a21525520421f6ddce4a065a94658a42146ae707a814926fa77d
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
0e38a552316a946fd9ea789560cc96cef28082978dfe85e9a85e8f17cf11b2f4
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
193b29cf0e8f5a7f7d1d24e59908e7e1aaf9cd7ec82ecb51fd8d0f7b3f7b1b46
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
2bf52e350b68036b14277f3185283bebab33292c2aa76986e3361454a4e61b2b
2c694cfafd5c00ba4a7a2110060eb937afccfc1d7b745a319c49764fe4ef017c
2eef5c3f998f7a958e9656a8bc50264f52b0b699ee81cfc47c4b9312b0245129
30be6f6977ca3bf176e0b44a647bf642d9196f00b23587c5a249b319effc4e76
39dae46ff1cb1c7e2792e09dcb65f4e8d55e009c0520aa3bd5d3914f8eb79df0
3c5e8c6ad66d889f3f73d3bd1d0f2e4945ebfbe47d28162ee206cd1b9e75d561
3efab2f517169119407760d3832bc19d6c09da3cc152b430989cf0e4e85b6e30
425bebc0b63ab2e776a06ee34b6072f65d4f7d1adcd41f85ff23dba1314d178f
492d5b5866f9494c866759b671b4b8dd64d6e6c63b11f6a838b864eb6f371e26
49c26c81458db579edd1345b4698a8f3ff8e89dc0162b6672a7ee860e679b32c
4f832eb2e911cb43614e2b9be7083e8c40cc5fefc8512f59b6b5c4ff468841d5
5393dccd3312e822108bc7c82a871773453696725809f1bcdafc22980366ef07
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
550f1ae5d566afed493ab8b5f1dd1b4d5a777ef19d1b3c57bf7b01025fefd38c
686d81e030899b477865d67a01fe34e83d8e68aa8da91a59205ad3e901a3ec71
74c7b99d772ec38ee1927a22a3841975b45d1773d447860ab700dd7177997d34
78173a3452045f8c8e1bf04c257c4e69ff6332307c590bc1a99b398396c9910f
7ceb1ee966a9c53ad44893892025d76301d124e3dae82d4e5105e2ec2f43772f
80717bfa7e5c7536c0816d32ab4111104fa0e6175f6cb81e2878723af0994a03
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
9b9732774338cc94344849be2fead09c7cdd5d8099f9c704c5972ad85593b76a
a081535a164fc305df24e00bcea27b7f10f713d5199902a1bc88cb7e077d676b
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
b25a2092f0752b754e933008f10213c55dd5ce93a791e355b0abed9182cc8df9
cc3423d6b1d4d8c3f60329a710762e2b0ecd70c0c100f3ed98e5645b4445a29f
cd5b877c49843be7d8e2a94147da819c8a66a13040a5a4cb33edb00e53867172
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e689270b831964b3fbff3e17fdc3be952cd831cef717bd5ef39bcf0199c4feae
e911a4df95fa4f00c6c79f569f81e7bd5848e3e2f248563edd293efcd38da31d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f30fad6383a581442580591be92fd61b7fc2a4c811579faf7b12f3d98045bb0a
fc675a6a6d70d88b5c5ff428199a75074d9477d5dbccdfc14de17c5c1171a321
febc73992510ac8b7bf839ef4f81382dda278a81ee12eb14b1bccef1008f0687

client.goldenfast.net Open in urlscan Pro 103.28.12.63 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

47 Requests

98 %HTTPS

81 %IPv6

14 Domains

17 Subdomains

17 IPs

5 Countries

1504 kBTransfer

3647 kBSize

7 Cookies

9 Outgoing links

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

client.goldenfast.net Open in urlscan Pro
103.28.12.63 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

98 %
HTTPS

81 %
IPv6

14
Domains

17
Subdomains

17
IPs

5
Countries

1504 kB
Transfer

3647 kB
Size

7
Cookies

47 HTTP transactions
4 data transactions