xhtgfgf98635467xyz12.btewq.workers.dev Open in urlscan Pro
172.67.204.114 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://xhtgfgf98635467xyz12.btewq.workers.dev/
Submission: On December 22 via api (December 22nd 2024, 12:51:43 am UTC) from US — Scanned from DE

Summary HTTP 94 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 27 IPs in 5 countries across 22 domains to perform 94 HTTP transactions. The main IP is 172.67.204.114, located in United States and belongs to CLOUDFLARENET, US. The main domain is xhtgfgf98635467xyz12.btewq.workers.dev.
TLS certificate: Issued by WE1 on December 21st 2024. Valid for: 3 months.

This is the only time xhtgfgf98635467xyz12.btewq.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
48	172.67.204.114 172.67.204.114	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.67 142.250.185.67	15169 (GOOGLE) (GOOGLE)
1	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	54.72.101.119 54.72.101.119	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	151.101.131.52 151.101.131.52	54113 (FASTLY) (FASTLY)
2	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0b::9c	15169 (GOOGLE) (GOOGLE)
1 2	142.250.186.68 142.250.186.68	15169 (GOOGLE) (GOOGLE)
2	142.250.186.163 142.250.186.163	15169 (GOOGLE) (GOOGLE)
1	2602:816:5001... 2602:816:5001::39	54113 (FASTLY) (FASTLY)
1	18.66.102.51 18.66.102.51	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.40 142.250.186.40	15169 (GOOGLE) (GOOGLE)
8	88.221.123.11 88.221.123.11	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
2	157.240.251.9 157.240.251.9	32934 (FACEBOOK) (FACEBOOK)
1	18.66.122.61 18.66.122.61	16509 (AMAZON-02) (AMAZON-02)
1	52.222.236.122 52.222.236.122	16509 (AMAZON-02) (AMAZON-02)
1	52.21.88.24 52.21.88.24	14618 (AMAZON-AES) (AMAZON-AES)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	54.155.186.43 54.155.186.43	16509 (AMAZON-02) (AMAZON-02)
2	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
1 1	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
4	157.240.0.35 157.240.0.35	32934 (FACEBOOK) (FACEBOOK)
2	172.67.177.70 172.67.177.70	13335 (CLOUDFLAR...) (CLOUDFLARENET)
94	27

48 172.67.204.114 (United States)

ASN13335 (CLOUDFLARENET, US)

xhtgfgf98635467xyz12.btewq.workers.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.72.101.119 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-101-119.eu-west-1.compute.amazonaws.com

apps.mypurecloud.ie	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.131.52 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.seoplatform.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.68 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-51.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.40 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 88.221.123.11 (Hamburg, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a88-221-123-11.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-61.fra60.r.cloudfront.net

api-cdn.mypurecloud.ie	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-122.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.21.88.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-88-24.compute-1.amazonaws.com

apps.mypurecloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.155.186.43 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-186-43.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.34 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.177.70 (United States)

ASN13335 (CLOUDFLARENET, US)

capig.stape.do	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	workers.dev xhtgfgf98635467xyz12.btewq.workers.dev	3 MB
8	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 799	144 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	427 B
4	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 4108 www.google.com — Cisco Umbrella Rank: 3	24 B
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	355 KB
4	mypurecloud.ie apps.mypurecloud.ie — Cisco Umbrella Rank: 97793 api-cdn.mypurecloud.ie — Cisco Umbrella Rank: 202205	209 KB
2	stape.do capig.stape.do — Cisco Umbrella Rank: 162972	2 KB
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 265	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	159 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 888 script.hotjar.com — Cisco Umbrella Rank: 1185	61 KB
2	google.de www.google.de — Cisco Umbrella Rank: 10745	127 B
2	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 135 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43	596 B
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	16 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1255	83 KB
1	hotjar.io content.hotjar.io — Cisco Umbrella Rank: 5577	171 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 96	3 KB
1	mypurecloud.com apps.mypurecloud.com — Cisco Umbrella Rank: 9970	726 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 623	33 KB
1	seoplatform.io cdn.seoplatform.io — Cisco Umbrella Rank: 386035	39 KB
1	gstatic.com fonts.gstatic.com	37 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
0	appspot.com Failed gtm-wlpt4gr-zdhlo.uc.r.appspot.com Failed
94	22

	Domain	Requested by
48	xhtgfgf98635467xyz12.btewq.workers.dev	xhtgfgf98635467xyz12.btewq.workers.dev
8	analytics.tiktok.com	xhtgfgf98635467xyz12.btewq.workers.dev analytics.tiktok.com
4	www.facebook.com
4	www.googletagmanager.com	xhtgfgf98635467xyz12.btewq.workers.dev www.googletagmanager.com
3	apps.mypurecloud.ie	xhtgfgf98635467xyz12.btewq.workers.dev
2	capig.stape.do	xhtgfgf98635467xyz12.btewq.workers.dev
2	bam.nr-data.net	xhtgfgf98635467xyz12.btewq.workers.dev
2	connect.facebook.net	xhtgfgf98635467xyz12.btewq.workers.dev
2	www.google.de
2	www.google.com	1 redirects www.googletagmanager.com
2	region1.analytics.google.com	xhtgfgf98635467xyz12.btewq.workers.dev
2	cdnjs.cloudflare.com	xhtgfgf98635467xyz12.btewq.workers.dev
2	maxcdn.bootstrapcdn.com	xhtgfgf98635467xyz12.btewq.workers.dev maxcdn.bootstrapcdn.com
1	googleads.g.doubleclick.net	1 redirects
1	content.hotjar.io	xhtgfgf98635467xyz12.btewq.workers.dev
1	www.googleadservices.com	xhtgfgf98635467xyz12.btewq.workers.dev
1	apps.mypurecloud.com	xhtgfgf98635467xyz12.btewq.workers.dev
1	script.hotjar.com	xhtgfgf98635467xyz12.btewq.workers.dev
1	api-cdn.mypurecloud.ie	xhtgfgf98635467xyz12.btewq.workers.dev
1	static.hotjar.com	xhtgfgf98635467xyz12.btewq.workers.dev
1	js-agent.newrelic.com	xhtgfgf98635467xyz12.btewq.workers.dev
1	stats.g.doubleclick.net	www.googletagmanager.com
1	cdn.seoplatform.io	xhtgfgf98635467xyz12.btewq.workers.dev
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	xhtgfgf98635467xyz12.btewq.workers.dev
0	gtm-wlpt4gr-zdhlo.uc.r.appspot.com Failed	xhtgfgf98635467xyz12.btewq.workers.dev
94	26

This site contains links to these domains. Also see Links.

Domain
sacoronavirus.co.za
api.whatsapp.com
xhtgfgf.98635467.xyz
test.kingpricelife.co.za
www.munichre.com
www.newre.com
axaxl.com
www.swissre.com
www.facebook.com
www.instagram.com
www.linkedin.com
za.pinterest.com
twitter.com

Subject Issuer	Validity	Valid
btewq.workers.dev WE1	`2024-12-21` - `2025-03-21`	3 months	crt.sh
upload.video.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
bootstrapcdn.com WE1	`2024-11-18` - `2025-02-16`	3 months	crt.sh
*.gstatic.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
mypurecloud.ie Amazon RSA 2048 M03	`2024-07-19` - `2025-08-16`	a year	crt.sh
*.google-analytics.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
cdn.seoplatform.io Certainly Intermediate R1	`2024-12-02` - `2025-01-01`	a month	crt.sh
cdnjs.cloudflare.com WE1	`2024-11-26` - `2025-02-24`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.google.de WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-21` - `2025-04-22`	a year	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2024-07-15` - `2025-07-15`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-09-30` - `2024-12-29`	3 months	crt.sh
mypurecloud.com Amazon RSA 2048 M02	`2024-07-18` - `2025-08-14`	a year	crt.sh
*.googleadservices.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-01-31` - `2025-03-01`	a year	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-12` - `2025-08-12`	a year	crt.sh
capig.stape.do WE1	`2024-10-30` - `2025-01-28`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://xhtgfgf98635467xyz12.btewq.workers.dev/
Frame ID: E9A6847C7A1A4E54C50EFCAE3ED35D2A
Requests: 93 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fxhtgfgf98635467xyz12.btewq.workers.dev
Frame ID: 54FAAAD82DA646058C648B92F41E8E9A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Insurance | Car & Business insurance | King Price Insurance

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Genesys Cloud (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

apps\.mypurecloud\.\w+/widgets/([\d.]+)
apps\.mypurecloud\.\w+

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

94
Requests

98 %
HTTPS

22 %
IPv6

22
Domains

26
Subdomains

27
IPs

5
Countries

3798 kB
Transfer

10232 kB
Size

13
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://sacoronavirus.co.za/
Title: sacoronavirus.co.za

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send/?phone=27860505050&text=Quote&app_absent=0
Title: Chat now via WhatsApp

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send/?phone=27860505050&text=Hi&app_absent=0

Search URL Search Domain Scan URL

URL: https://xhtgfgf.98635467.xyz/blog/community-insurance/
Title: Our community blog

Search URL Search Domain Scan URL

URL: https://test.kingpricelife.co.za/
Title: Get a quote

Search URL Search Domain Scan URL

URL: https://xhtgfgf.98635467.xyz/blog
Title: Our blog

Search URL Search Domain Scan URL

URL: https://www.munichre.com/en/company/about-munich-re/munich-re-worldwide/sub-saharan-africa/about-us.html
Title: Learn more

Search URL Search Domain Scan URL

URL: https://www.newre.com/en.html
Title: Learn more

Search URL Search Domain Scan URL

URL: https://axaxl.com/reinsurance
Title: Learn more

Search URL Search Domain Scan URL

URL: https://www.swissre.com/
Title: Learn more

Search URL Search Domain Scan URL

URL: https://www.facebook.com/KingPriceInsurance/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/kingpriceins/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/2621399

Search URL Search Domain Scan URL

URL: https://za.pinterest.com/kingprice/

Search URL Search Domain Scan URL

URL: https://twitter.com/kingpriceins

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 78

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11203488302/?random=228097666&cv=11&fst=1734828699025&bg=ffffff&guid=ON&async=1&gtm=45be4cc1z8552965za201zb552965&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fxhtgfgf98635467xyz12.btewq.workers.dev%2F&label=FOhjCLmP7KYYEK7Unt4p&hn=www.googleadservices.com&frm=0&tiba=Insurance%20%7C%20Car%20%26%20Business%20insurance%20%7C%20King%20Price%20Insurance&value=0&npa=1&pscdl=noapi&auid=1005622689.1734828699&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CKG4sQIIscGxAgiwwbECCLHDsQIIisWxAgjCybECCOvGsQIItMaxAgijxbECCNPFsQJKLG5vdC1uYXZpZ2F0aW9uLXNvdXJjZSwgdHJpZ2dlciwgZXZlbnQtc291cmNlWgMKAQFiBAoCAgM&eitems=ChEIgOuZuwYQ0I2V1fy1xPeDARIdADVQLp5miODmZtakzIiSjgvNzxIdKjWCHmjUbp0&pscrd=IhMIwrLqwpS6igMVHu0RCB3PLRBhMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOi9odHRwczovL3hodGdmZ2Y5ODYzNTQ2N3h5ejEyLmJ0ZXdxLndvcmtlcnMuZGV2L0JWQ2hBSWdPdVp1d1lRbDhxNHg2S1B6cTVfRWl3QXJSVTlyRVhILUtudDZfUE5zelRIekI4ZkRVTTAwSDFzRERvdW9hQ0xQeGYyVDNCLUQyM0FvZktIVkE HTTP 302
https://www.google.com/pagead/1p-conversion/11203488302/?random=228097666&cv=11&fst=1734828699025&bg=ffffff&guid=ON&async=1&gtm=45be4cc1z8552965za201zb552965&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fxhtgfgf98635467xyz12.btewq.workers.dev%2F&label=FOhjCLmP7KYYEK7Unt4p&hn=www.googleadservices.com&frm=0&tiba=Insurance%20%7C%20Car%20%26%20Business%20insurance%20%7C%20King%20Price%20Insurance&value=0&npa=1&pscdl=noapi&auid=1005622689.1734828699&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CKG4sQIIscGxAgiwwbECCLHDsQIIisWxAgjCybECCOvGsQIItMaxAgijxbECCNPFsQJKLG5vdC1uYXZpZ2F0aW9uLXNvdXJjZSwgdHJpZ2dlciwgZXZlbnQtc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIwrLqwpS6igMVHu0RCB3PLRBhMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOi9odHRwczovL3hodGdmZ2Y5ODYzNTQ2N3h5ejEyLmJ0ZXdxLndvcmtlcnMuZGV2L0JWQ2hBSWdPdVp1d1lRbDhxNHg2S1B6cTVfRWl3QXJSVTlyRVhILUtudDZfUE5zelRIekI4ZkRVTTAwSDFzRERvdW9hQ0xQeGYyVDNCLUQyM0FvZktIVkE&is_vtc=1&cid=CAQSGwCa7L7ddhjGNdg7GUHkDH8RII6wKnQlFKHjXw&eitems=ChEIgOuZuwYQ0I2V1fy1xPeDARIdADVQLp5Yuhl-LjJzqCk6JpenWfwgPZYkQ8ba_7M&random=46850216 HTTP 302
https://www.google.de/pagead/1p-conversion/11203488302/?random=228097666&cv=11&fst=1734828699025&bg=ffffff&guid=ON&async=1&gtm=45be4cc1z8552965za201zb552965&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fxhtgfgf98635467xyz12.btewq.workers.dev%2F&label=FOhjCLmP7KYYEK7Unt4p&hn=www.googleadservices.com&frm=0&tiba=Insurance%20%7C%20Car%20%26%20Business%20insurance%20%7C%20King%20Price%20Insurance&value=0&npa=1&pscdl=noapi&auid=1005622689.1734828699&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CKG4sQIIscGxAgiwwbECCLHDsQIIisWxAgjCybECCOvGsQIItMaxAgijxbECCNPFsQJKLG5vdC1uYXZpZ2F0aW9uLXNvdXJjZSwgdHJpZ2dlciwgZXZlbnQtc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIwrLqwpS6igMVHu0RCB3PLRBhMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOi9odHRwczovL3hodGdmZ2Y5ODYzNTQ2N3h5ejEyLmJ0ZXdxLndvcmtlcnMuZGV2L0JWQ2hBSWdPdVp1d1lRbDhxNHg2S1B6cTVfRWl3QXJSVTlyRVhILUtudDZfUE5zelRIekI4ZkRVTTAwSDFzRERvdW9hQ0xQeGYyVDNCLUQyM0FvZktIVkE&is_vtc=1&cid=CAQSGwCa7L7ddhjGNdg7GUHkDH8RII6wKnQlFKHjXw&eitems=ChEIgOuZuwYQ0I2V1fy1xPeDARIdADVQLp5Yuhl-LjJzqCk6JpenWfwgPZYkQ8ba_7M&random=46850216&ipr=y

94 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
xhtgfgf98635467xyz12.btewq.workers.dev/ 287 KB
52 KB 1858ms
1832ms Document
text/html 172.67.204.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xhtgfgf98635467xyz12.btewq.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.204.114 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0629bbccb0516a94ea90b1b88ff9be9e1a9f5a46512619bc902022e4809ead12

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 8f5c1fd67b2adca8-FRA
content-encoding: zstd
content-type: text/html; charset=utf-8
date: Sun, 22 Dec 2024 00:51:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B%2FBDkbLuVaNfQnDczpU8aF6VPksbVs05RGznf0q1c3%2BpN09PFDDmrSS1z3aYy8CRrwg2vjWJ%2FCcdPsbtJWlBMdm5im7e7b%2BXb91e6kCX4aVU1xetP2CKvPfyord01Q%2B%2BxFzxH8Q%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=1292&min_rtt=1243&rtt_var=501&sent=3&recv=6&lost=0&retrans=0&sent_bytes=219&recv_bytes=1502&delivery_rate=1164923&cwnd=248&unsent_bytes=0&cid=4650fd2854b6ed9a&ts=1310&x=0" cfL4;desc="?proto=QUIC&rtt=9728&min_rtt=6494&rtt_var=3944&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4185&recv_bytes=4504&delivery_rate=706&cwnd=12000&unsent_bytes=0&cid=caa553e7c8c9582c&ts=1840&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding
x-aspnetmvc-version: 5.2
x-frame-options: SAMEORIGIN

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 64ms
25ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:120,200,300,400,500,600,700,800,900

Requested by

Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b790ee82df0a92b7b7896b503e861d3b9ab681e09bdf4369addcea37032c68c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 22 Dec 2024 00:51:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sun, 22 Dec 2024 00:51:38 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 44ms
16ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

cdn-status: 200
content-encoding: br
cf-cache-status: HIT
etag: "269550530cc127b6aa5a35925a7de6ce"
age: 1286911
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sun, 22 Dec 2024 00:51:38 GMT
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-cache: HIT
cdn-cachedat: 10/17/2024 22:45:09
cdn-requestpullcode: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
timing-allow-origin: *
cdn-requesttime: 0
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 7d2e6d5b3eb7d88724403d5cfd7708cd
cross-origin-resource-policy: cross-origin
cdn-pullzone: 252412
cdn-proxyver: 1.04
cf-ray: 8f5c1fe33e85d3b5-FRA
access-control-allow-origin: *
cdn-edgestorageid: 1078
server: cloudflare
cdn-requestcountrycode: DE

GET
H3 200 bootstrap.min.css
xhtgfgf98635467xyz12.btewq.workers.dev/Content/ 152 KB
26 KB 28ms
27ms Stylesheet
text/css 172.67.204.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/bootstrap.min.css
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.204.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae576713bc196098f7438dede6ff1f835a23291c32b745ad7e6fb6db809a719b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"032c91f44adb1:0"
age: 137324
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5b8gmgXNnmmRgE29JzXL65%2FwZApqmjlu%2FXOR5v48IKy%2FdKlucPam%2BtYr17rRnFDM%2FwyvVolwi5TBtgRtn6Y59WzTrwG10iM8o0bDtcJr3ghwvqO3NBeTVR9k15imdSvTzyHX8b0%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1348&min_rtt=1331&rtt_var=533&sent=3&recv=6&lost=0&retrans=0&sent_bytes=219&recv_bytes=1635&delivery_rate=987048&cwnd=251&unsent_bytes=0&cid=2c4084530f543859&ts=304&x=0", cfL4;desc="?proto=QUIC&rtt=8849&min_rtt=6277&rtt_var=2176&sent=39&recv=24&lost=0&retrans=0&sent_bytes=31981&recv_bytes=6476&delivery_rate=601979&cwnd=24000&unsent_bytes=0&cid=caa553e7c8c9582c&ts=2053&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: text/css
last-modified: Tue, 10 Dec 2024 11:09:40 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f5c1fe3188ddca8-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 bootstrap-select.min.css
xhtgfgf98635467xyz12.btewq.workers.dev/Content/ 10 KB
3 KB 23ms
23ms Stylesheet
text/css 172.67.204.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/bootstrap-select.min.css
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.204.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d99902464ea5a053d3834285e12852d7f460a08ca2b9d2b87c6c3137990286e0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"032c91f44adb1:0"
age: 137323
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v6r6eTzYmcB%2B6bBHWT%2FnxQ5NuwlezGrzetmxpUJjl8JOjc4C1SYWoj%2BI5eZCiaj5AKhwKDSc7lBQdWxhUxdfDkOEF%2BfsgOrKVADbZdRTe7ArvOOHfYd%2Fr6gJPfKPxRAEcjM4mPA%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2054&min_rtt=2030&rtt_var=591&sent=4&recv=7&lost=0&retrans=0&sent_bytes=2836&recv_bytes=1369&delivery_rate=1388302&cwnd=172&unsent_bytes=0&cid=969c7f8cf4e13669&ts=832&x=0", cfL4;desc="?proto=QUIC&rtt=8849&min_rtt=6277&rtt_var=2176&sent=36&recv=24&lost=0&retrans=0&sent_bytes=28761&recv_bytes=6476&delivery_rate=601979&cwnd=24000&unsent_bytes=0&cid=caa553e7c8c9582c&ts=2048&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: text/css
last-modified: Tue, 10 Dec 2024 11:09:40 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f5c1fe3188fdca8-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 bundle.min.css
xhtgfgf98635467xyz12.btewq.workers.dev/Content/Stylesheets/ 341 KB
54 KB 39ms
39ms Stylesheet
text/css 172.67.204.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Stylesheets/bundle.min.css?version-141124
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.204.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 752ce87e1887acd67bfa6d0720dfad88210da3dbc7d6298f7d29bf3b2bf148c6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"040f08f44adb1:0"
age: 137323
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=14TUOzNJGgZRHv1gCPdqH%2BZ3fJ%2BXPIZq2b7eMev2BiNjmApE6KY48oSS7asjdEyVzTrDAGP7Jhd780iLI66Dy9E2lwNWe4uVpreFdEVmIilgaz1TPHy1IyF0qG2t4xkxZ1sa9AI%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2041&min_rtt=2033&rtt_var=778&sent=3&recv=6&lost=0&retrans=0&sent_bytes=219&recv_bytes=1657&delivery_rate=690181&cwnd=250&unsent_bytes=0&cid=216d51b26d7e27b6&ts=829&x=0", cfL4;desc="?proto=QUIC&rtt=8350&min_rtt=6277&rtt_var=574&sent=62&recv=36&lost=0&retrans=0&sent_bytes=58715&recv_bytes=6992&delivery_rate=1481223&cwnd=30000&unsent_bytes=0&cid=caa553e7c8c9582c&ts=2064&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: text/css
last-modified: Tue, 10 Dec 2024 11:09:52 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f5c1fe31891dca8-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 cic-chat-kp.css
xhtgfgf98635467xyz12.btewq.workers.dev/Content/Stylesheets/ 8 KB
3 KB 23ms
23ms Stylesheet
text/css 172.67.204.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Stylesheets/cic-chat-kp.css?250423-1249
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.204.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 814f4541ede2c734469cedc556b4fb576d544a7c51a160d0cf06b359d90baa58

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"05980f44adb1:0"
age: 137323
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YRkMeYwboYUFR2Qza6cfgJ5vHAfzkq8MNOJ6fm0far%2F70f89kJM%2FTJIC9tst9aHqaV8RGKPOKWK%2F2xJBJ0kMBg3AQVdZqUUiNEAUnLhA1lkCGQM3DCeXSOG4hi9aHZjkT%2FylSvw%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1231&min_rtt=1223&rtt_var=360&sent=4&recv=7&lost=0&retrans=0&sent_bytes=2835&recv_bytes=1386&delivery_rate=2273155&cwnd=228&unsent_bytes=0&cid=a91ac3aa8ecd54a6&ts=854&x=0", cfL4;desc="?proto=QUIC&rtt=7887&min_rtt=6122&rtt_var=1129&sent=133&recv=86&lost=0&retrans=0&sent_bytes=132353&recv_bytes=20550&delivery_rate=120134&cwnd=46800&unsent_bytes=0&cid=caa553e7c8c9582c&ts=2347&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: text/css
last-modified: Tue, 10 Dec 2024 11:09:38 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f5c1fe4ea7bdca8-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 whatsapp-icon-24px-nugreen-latest.svg
xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/General/ 5 KB
2 KB 22ms
22ms Image
image/svg+xml 172.67.204.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/General/whatsapp-icon-24px-nugreen-latest.svg
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.204.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2558e574edbdf92876a6a9708c9d30e131aa866c3993762165ffa8af71e557fb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"05980f44adb1:0"
age: 137324
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pyxf%2FPW9kjkps%2BI9gyPIL%2FFs0giqY7k2oU35JjC%2BIGGGDOOa3k%2B7VuCJZgPh9gNjC15prgxe7cM6oiJG%2FUlfeYymfiT6ABw5JorPXiF3dxTraeOPTI30nwXbEHbs9mWYNx8%2B4e0%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1996&min_rtt=1976&rtt_var=591&sent=4&recv=7&lost=0&retrans=0&sent_bytes=2836&recv_bytes=1443&delivery_rate=1402421&cwnd=249&unsent_bytes=0&cid=b9e53ea7b1ebeba1&ts=24&x=0", cfL4;desc="?proto=QUIC&rtt=7887&min_rtt=6122&rtt_var=1129&sent=130&recv=86&lost=0&retrans=0&sent_bytes=129763&recv_bytes=20550&delivery_rate=120134&cwnd=46800&unsent_bytes=0&cid=caa553e7c8c9582c&ts=2347&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: image/svg+xml
last-modified: Tue, 10 Dec 2024 11:09:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f5c1fe4ea7cdca8-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 email-decode.min.js Show response
xhtgfgf98635467xyz12.btewq.workers.dev/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 10ms
10ms Script
application/javascript 172.67.204.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xhtgfgf98635467xyz12.btewq.workers.dev/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.204.114 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

x-frame-options: DENY
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"675fc4cd-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kUXzDsl7CrXjzfGoVAdJpZmN48zlYmj1552PUl8mEhTQBXK6jPmtEfWxgFUp95u%2B5FHbo%2FdJ%2F%2F0hGvs83%2FryrJz8M%2BiFfz4RRk0UalHcXcO505xpMgvZCcmDA1VqRU9XyiKUCAUbDF6HPrZytUn7ZG25ImpSfX2p0w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8f5c1fe4ea7ddca8-FRA
expires: Tue, 24 Dec 2024 00:51:38 GMT
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: application/javascript
last-modified: Mon, 16 Dec 2024 06:12:29 GMT
server: cloudflare
vary: Accept-Encoding

GET
H3 200 kp-logo-sticky-52x42px.svg
xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/General/ 6 KB
3 KB 23ms
22ms Image
image/svg+xml 172.67.204.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/General/kp-logo-sticky-52x42px.svg
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.204.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5399abdc417a715c898de965f42e478f35277b30ed00ea05fe6dcd3e71dfe1f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"05980f44adb1:0"
age: 137323
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wZuqYskVoIvm3Z1ik9sBSasReq9lod4KCNrSr62YM2Ql0AZ3EnTRSqapLGMcUw9FfA92sErysfA%2B5e671C%2BHLG2mcw8sWjwXC3LeFUcDrarHcv0wGOu3zF7DC3ypaI46vds5kG8%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1443&min_rtt=1403&rtt_var=422&sent=4&recv=7&lost=0&retrans=0&sent_bytes=2836&recv_bytes=1435&delivery_rate=2029432&cwnd=249&unsent_bytes=0&cid=227149ee7ca65564&ts=842&x=0", cfL4;desc="?proto=QUIC&rtt=7887&min_rtt=6122&rtt_var=1129&sent=136&recv=86&lost=0&retrans=0&sent_bytes=135239&recv_bytes=20550&delivery_rate=120134&cwnd=46800&unsent_bytes=0&cid=caa553e7c8c9582c&ts=2347&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: image/svg+xml
last-modified: Tue, 10 Dec 2024 11:09:38 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f5c1fe4ea7fdca8-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 kp-logo-desktop-237x99px.svg
xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/General/ 15 KB
7 KB 29ms
28ms Image
image/svg+xml 172.67.204.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/General/kp-logo-desktop-237x99px.svg
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.204.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54a93775c58fff1978eb23b2f76fdd4704eae5c502ad86aaf6759afaa01f9aaf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"05980f44adb1:0"
age: 137324
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c5Yc0yJ0shs%2BEjDDiEsAd%2By1fGzt4z2JdcLZ8njts1WMfCpvFaELw1bRDG%2BdM6fGs9Yz1WO2f8iRL9UPhY5IzjCwYG96FBQ5sN4bjieMxTaaCuU5ISLLifHSVNzVRKfyeqKX6%2FY%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1276&min_rtt=1242&rtt_var=369&sent=4&recv=7&lost=0&retrans=0&sent_bytes=2837&recv_bytes=1439&delivery_rate=2274941&cwnd=180&unsent_bytes=0&cid=5723ccbb7e67e67e&ts=22&x=0", cfL4;desc="?proto=QUIC&rtt=7887&min_rtt=6122&rtt_var=1129&sent=157&recv=86&lost=0&retrans=0&sent_bytes=155950&recv_bytes=20550&delivery_rate=120134&cwnd=46800&unsent_bytes=0&cid=caa553e7c8c9582c&ts=2350&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: image/svg+xml
last-modified: Tue, 10 Dec 2024 11:09:38 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f5c1fe4fa82dca8-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 kp-logo-mobile-52x41px.svg
xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/General/ 6 KB
3 KB 31ms
29ms Image
image/svg+xml 172.67.204.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/General/kp-logo-mobile-52x41px.svg
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.204.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 779db044e35779fb2ebfcf7ba658c37cad9407ec5b21574f5e46fdb4f87a7902

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"05980f44adb1:0"
age: 137324
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5QkxDkVtDgrWV6mV1BroO4U6ecIL%2BNNAJMFYw9dWkT6nWFcFyWFzlsewlrCD31PT7gQxvsX69ysMpYVwJ4WE3jP5dISv1cHnQNoqsCyUYAJCjens8jOFZ7mAgT92%2Bob8EohU4p0%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1260&min_rtt=1210&rtt_var=490&sent=3&recv=6&lost=0&retrans=0&sent_bytes=219&recv_bytes=1706&delivery_rate=1196694&cwnd=250&unsent_bytes=0&cid=7977dea074911883&ts=30&x=0", cfL4;desc="?proto=QUIC&rtt=7887&min_rtt=6122&rtt_var=1129&sent=145&recv=86&lost=0&retrans=0&sent_bytes=141738&recv_bytes=20550&delivery_rate=120134&cwnd=46800&unsent_bytes=0&cid=caa553e7c8c9582c&ts=2349&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: image/svg+xml
last-modified: Tue, 10 Dec 2024 11:09:38 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f5c1fe4fa84dca8-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 King-Price-Insurance-PDF-icon.png
xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/General/ 730 B
2 KB 25ms
23ms Image
image/webp 172.67.204.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/General/King-Price-Insurance-PDF-icon.png
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.204.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9a85540c760967c1e66129c0188b11b57d6ed03b5391de1c5843e98028b1673

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

cf-cache-status: HIT
etag: "05980f44adb1:0"
age: 137323
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tCKEUiwUMtn6fY%2F4mvtLiWa%2Bx%2FY0HrdAMJV27T%2FuDNwKzEq2NnIp9DQHE7PlrbD66cJ%2F5muDKAt7y4fNCM%2FL8viMsfKKEax3hdu48VA9sJstwa0%2FicyXn%2BKHXfl4lNqSCYZvzHI%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1993&min_rtt=1899&rtt_var=779&sent=3&recv=6&lost=0&retrans=0&sent_bytes=219&recv_bytes=1715&delivery_rate=762506&cwnd=248&unsent_bytes=0&cid=fd1be1df3c729301&ts=842&x=0", cfL4;desc="?proto=QUIC&rtt=7887&min_rtt=6122&rtt_var=1129&sent=143&recv=86&lost=0&retrans=0&sent_bytes=140057&recv_bytes=20550&delivery_rate=120134&cwnd=46800&unsent_bytes=0&cid=caa553e7c8c9582c&ts=2349&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: image/webp
content-disposition: inline; filename="King-Price-Insurance-PDF-icon.webp"
vary: Accept, Accept-Encoding
last-modified: Tue, 10 Dec 2024 11:09:38 GMT
priority: u=2,i
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f5c1fe4fa85dca8-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 730
server: cloudflare

GET
H3 200 King-Price-Insurance-PDF-Mobile-icon.png
xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/General/ 728 B
2 KB 43ms
41ms Image
image/webp 172.67.204.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/General/King-Price-Insurance-PDF-Mobile-icon.png
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.204.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1adc96ac2c917962f21791099af97f87ebc4b2c75c123fcd97aa3138458f9385

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

cf-cache-status: HIT
etag: "05980f44adb1:0"
age: 137323
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F64CUj84J%2FAd%2FVPFhy9gc4SQAewKnUNx2q8b7bGe0V7o58e0x%2BDup0FziyFefI6uNh1dDnn8YLeJqVpNTF6%2BfOFeax%2BAr8ZcL0nIn2aq1smO3G9kT9p7m%2FDZk4RbhxY%2FWfcSbX8%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1328&min_rtt=1308&rtt_var=404&sent=4&recv=7&lost=0&retrans=0&sent_bytes=2835&recv_bytes=1444&delivery_rate=2055358&cwnd=250&unsent_bytes=0&cid=9d84a13790f65b38&ts=853&x=0", cfL4;desc="?proto=QUIC&rtt=7703&min_rtt=6122&rtt_var=1033&sent=228&recv=91&lost=0&retrans=0&sent_bytes=230804&recv_bytes=20770&delivery_rate=5482911&cwnd=85200&unsent_bytes=0&cid=caa553e7c8c9582c&ts=2363&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: image/webp
content-disposition: inline; filename="King-Price-Insurance-PDF-Mobile-icon.webp"
vary: Accept, Accept-Encoding
last-modified: Tue, 10 Dec 2024 11:09:38 GMT
priority: u=3,i
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f5c1fe4fa86dca8-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 728
server: cloudflare

GET
H3 200 left-banner-lines.svg
xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/Home/leadcard/ 1 MB
512 KB 43ms
42ms Image
image/svg+xml 172.67.204.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/Home/leadcard/left-banner-lines.svg
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.204.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86c8229deb588765ac2329039b873cfb764d761ce9e62c91cae4d7216b5e5fd1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"05980f44adb1:0"
age: 137323
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cDqy0KX7LXmyYciFT9FBtAgjDNVJW9P7Y5VkCP9Y9b2%2BxcHsLjshSldAH1TNvfNfRqFhC0bWdmMswvnfTcvLROKgyfihfZiVavInoac425Fcxt5yyAl7ZoKm7NUO%2BU89UOai154%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1395&min_rtt=1350&rtt_var=414&sent=4&recv=7&lost=0&retrans=0&sent_bytes=2836&recv_bytes=1433&delivery_rate=2004152&cwnd=251&unsent_bytes=0&cid=95f6dedef4763f89&ts=840&x=0", cfL4;desc="?proto=QUIC&rtt=8020&min_rtt=6122&rtt_var=1133&sent=250&recv=93&lost=0&retrans=0&sent_bytes=256490&recv_bytes=20859&delivery_rate=7467552&cwnd=85200&unsent_bytes=0&cid=caa553e7c8c9582c&ts=2363&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: image/svg+xml
last-modified: Tue, 10 Dec 2024 11:09:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f5c1fe4fa88dca8-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 in-sho-sho.svg
xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/Home/leadcard/ 3 MB
1 MB 42ms
41ms Image
image/svg+xml 172.67.204.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/Home/leadcard/in-sho-sho.svg
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.204.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4572ded17dad62a527441473b60bf7e3e4f308e69f1607782b9258cd2561b63

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"05980f44adb1:0"
age: 137323
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B7f8gYDEjogyHjuZsKK5EBpkq7EF%2Fy%2FC%2Bp0kOvbT%2FaIiNS8VcCXNhgA7jYLS4Ofx6s5qjbcvCUD1WTh34qIlQUxj%2BWod74N9dj53T1IiRf0%2BfCDjrvRspUyiGmLGSTRz1N8XFxc%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2028&min_rtt=2013&rtt_var=596&sent=4&recv=7&lost=0&retrans=0&sent_bytes=2835&recv_bytes=1426&delivery_rate=1361542&cwnd=250&unsent_bytes=0&cid=b91d15c273ad7848&ts=840&x=0", cfL4;desc="?proto=QUIC&rtt=7703&min_rtt=6122&rtt_var=1033&sent=223&recv=91&lost=0&retrans=0&sent_bytes=225728&recv_bytes=20770&delivery_rate=5482911&cwnd=85200&unsent_bytes=0&cid=caa553e7c8c9582c&ts=2362&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: image/svg+xml
last-modified: Tue, 10 Dec 2024 11:09:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f5c1fe4fa8adca8-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 sure-sure.svg
xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/Home/leadcard/ 13 KB
10 KB 28ms
26ms Image
image/svg+xml 172.67.204.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/Home/leadcard/sure-sure.svg
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.204.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f122c1221df09ea7439fc6c3fb9197ec5419b5096eb805030f2d4c2c167a127

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"05980f44adb1:0"
age: 137323
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jrkRzrbw8DQx8xeEYWwMYytt4gQtwb3BPi3ecmBKhuUXOKbOTB17Lp7S3boxCKSqvy1Huh%2BVi15zFT98fhMSnAn%2Ffo%2BVZcbmszvRZg9qIKXCInVsiuQppFgc01WSeCOzWOBl1Tc%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1284&min_rtt=1265&rtt_var=392&sent=4&recv=7&lost=0&retrans=0&sent_bytes=2837&recv_bytes=1425&delivery_rate=2077474&cwnd=251&unsent_bytes=0&cid=33fa2760719c80e4&ts=849&x=0", cfL4;desc="?proto=QUIC&rtt=7887&min_rtt=6122&rtt_var=1129&sent=145&recv=86&lost=0&retrans=0&sent_bytes=141738&recv_bytes=20550&delivery_rate=120134&cwnd=46800&unsent_bytes=0&cid=caa553e7c8c9582c&ts=2349&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: image/svg+xml
last-modified: Tue, 10 Dec 2024 11:09:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f5c1fe4fa8bdca8-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 dropdown-down.svg
xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/Home/leadcard/ 540 B
1 KB 25ms
23ms Image
image/svg+xml 172.67.204.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/Home/leadcard/dropdown-down.svg
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.204.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2661f1c212e4b67a47aae98159751cff3499c47b73ebc34e09b6fc6f638b68c1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"05980f44adb1:0"
age: 137323
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hw%2BbTlIrjzau7C6vKQrb9f%2BFglvWdNlpi8ThlTZkXtM60XzFpKuvjIwqVEea480jF1o%2FnQJOK6Fgsp%2Bl1rao%2FSMU0BVFVaw0hTWFccweLd2RefFZjqD3vxKu%2BDkRhMxRsX6BR1U%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1397&min_rtt=1366&rtt_var=444&sent=4&recv=7&lost=0&retrans=0&sent_bytes=2836&recv_bytes=1425&delivery_rate=1832911&cwnd=172&unsent_bytes=0&cid=5fb3fbd04b22bfc8&ts=300&x=0", cfL4;desc="?proto=QUIC&rtt=7887&min_rtt=6122&rtt_var=1129&sent=140&recv=86&lost=0&retrans=0&sent_bytes=138790&recv_bytes=20550&delivery_rate=120134&cwnd=46800&unsent_bytes=0&cid=caa553e7c8c9582c&ts=2348&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: image/svg+xml
last-modified: Tue, 10 Dec 2024 11:09:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f5c1fe4fa8cdca8-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 dropdown-up.svg
xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/Home/leadcard/ 542 B
1 KB 29ms
27ms Image
image/svg+xml 172.67.204.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/Home/leadcard/dropdown-up.svg
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.204.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f54a071fcbf7254c26d342ba696ea76c0f0f433f326d6a90c853dca1f75c6119

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"05980f44adb1:0"
age: 137323
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RHLs3AbKvfgwoF4IPsuLdIX1xFXDmekpdTwC2gs5B7A%2BNCzm56M7lQfxGTP5lXnM6tbvBIJ3kDGWUWwcvuAuFkVkZoFWjpuzXSXtQZ0fLFgJxJonHnTyksvFiY%2F%2BzdR2sqvDRBE%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1227&min_rtt=1208&rtt_var=376&sent=4&recv=7&lost=0&retrans=0&sent_bytes=2837&recv_bytes=1427&delivery_rate=2162808&cwnd=248&unsent_bytes=0&cid=4b69eba4b3e9cce6&ts=837&x=0", cfL4;desc="?proto=QUIC&rtt=7887&min_rtt=6122&rtt_var=1129&sent=163&recv=86&lost=0&retrans=0&sent_bytes=163106&recv_bytes=20550&delivery_rate=120134&cwnd=46800&unsent_bytes=0&cid=caa553e7c8c9582c&ts=2351&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: image/svg+xml
last-modified: Tue, 10 Dec 2024 11:09:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f5c1fe4fa8ddca8-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 whatsapp.svg
xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/Home/leadcard/ 2 KB
2 KB 32ms
30ms Image
image/svg+xml 172.67.204.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/Home/leadcard/whatsapp.svg
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.204.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b78226adee1166bcc7ff5fe2c475de396b467aa9e46a066b5b2c5d19acd857a4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"05980f44adb1:0"
age: 137324
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SJJBMRYJmCMdnf24mhoSf0nhZhJzW81iAlOmY5cJBDOdKXdTg6anJJB8RH9fS1yC0eoCZ8HeD7doSYwKLwJ7kBoELlR%2FOLUcmnpHpjwFOMQEQHezEONas31iHrGE5fP5PbVf0Kw%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1322&min_rtt=1317&rtt_var=505&sent=3&recv=6&lost=0&retrans=0&sent_bytes=219&recv_bytes=1695&delivery_rate=1062362&cwnd=46&unsent_bytes=0&cid=e64bb3a94d69c258&ts=293&x=0", cfL4;desc="?proto=QUIC&rtt=7887&min_rtt=6122&rtt_var=1129&sent=176&recv=86&lost=0&retrans=0&sent_bytes=176563&recv_bytes=20550&delivery_rate=120134&cwnd=46800&unsent_bytes=0&cid=caa553e7c8c9582c&ts=2353&x=1", cfExtPri, cfHdrFlush;dur=1
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: image/svg+xml
last-modified: Tue, 10 Dec 2024 11:09:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f5c1fe4fa8edca8-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 call-us.svg
xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/Home/leadcard/ 3 KB
2 KB 34ms
32ms Image
image/svg+xml 172.67.204.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/Home/leadcard/call-us.svg
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.204.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4d9d2edef75ae3ed7e7ce903c9246400f3cf7ce1b1286b24eee14a31162ad9e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"05980f44adb1:0"
age: 137323
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U5JQXGSe46IyphUMtZaRV6XJ2d021CZGeQSYlAh%2FVz2UYCj10RNyui17PMhbDLjby0pjCBKROjouqmA0XBVsT%2BTwS1lINksZLjhotvuTGlWUjKJ73wA3W5V8O%2B0WNnkHyWZP7%2FM%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1418&min_rtt=1331&rtt_var=440&sent=4&recv=7&lost=0&retrans=0&sent_bytes=2836&recv_bytes=1421&delivery_rate=2121611&cwnd=113&unsent_bytes=0&cid=7c2348c7a84e19e8&ts=299&x=0", cfL4;desc="?proto=QUIC&rtt=7887&min_rtt=6122&rtt_var=1129&sent=165&recv=86&lost=0&retrans=0&sent_bytes=165423&recv_bytes=20550&delivery_rate=120134&cwnd=46800&unsent_bytes=0&cid=caa553e7c8c9582c&ts=2351&x=1", cfExtPri, cfHdrFlush;dur=3
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: image/svg+xml
last-modified: Tue, 10 Dec 2024 11:09:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f5c1fe4fa8fdca8-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 right-banner-lines.svg
xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/Home/leadcard/ 1 MB
478 KB 46ms
44ms Image
image/svg+xml 172.67.204.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/Home/leadcard/right-banner-lines.svg
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.204.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b516743e6f7a2d27b2e4654001231dd8a182eaea637b11d4f065d4b935629db

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"05980f44adb1:0"
age: 137323
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8kSko2gcwjLW9CWPekdiLhSG71CN55fEYivfyWIlQmsbn2cPlJ6g8KHE411qtMqUM0U%2Fj%2BnHT2hxtMptcjCIOhw9CVFP4BhQKKaXOzOCo%2Bq140W%2B3U%2F5jTgWysGFnpRgk59V2c4%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1990&min_rtt=1973&rtt_var=587&sent=4&recv=7&lost=0&retrans=0&sent_bytes=2836&recv_bytes=1432&delivery_rate=1390970&cwnd=250&unsent_bytes=0&cid=af307183cbcb5e63&ts=833&x=0", cfL4;desc="?proto=QUIC&rtt=7715&min_rtt=6122&rtt_var=897&sent=307&recv=96&lost=0&retrans=0&sent_bytes=321674&recv_bytes=20994&delivery_rate=4927635&cwnd=97200&unsent_bytes=0&cid=caa553e7c8c9582c&ts=2366&x=1", cfExtPri, cfHdrFlush;dur=6
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: image/svg+xml
last-modified: Tue, 10 Dec 2024 11:09:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f5c1fe4fa90dca8-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 dismiss.svg
xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/Home/leadcard/ 367 B
1 KB 28ms
27ms Image
image/svg+xml 172.67.204.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/Home/leadcard/dismiss.svg
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.204.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdb657ef470b5370431a64f2a8775107cbbace1415c42d5a0380b57f2ee7a9c4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"05980f44adb1:0"
age: 137324
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jd14ZEN8ZXF8j7vr%2BQAJQKFFokuwPH%2FaF2L29%2F1iQuSn8L0cAurBQiOdmtx2aPgdHBkxz8bZld2PVbUL8q%2BgWxEIgxflkh5AUSqm31p8SfDqtBqqfZoyJiCwEXjRXPzWpIALFk0%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1357&min_rtt=1349&rtt_var=389&sent=4&recv=7&lost=0&retrans=0&sent_bytes=2836&recv_bytes=1421&delivery_rate=2095513&cwnd=248&unsent_bytes=0&cid=a3a5784b9f708445&ts=26&x=0", cfL4;desc="?proto=QUIC&rtt=7887&min_rtt=6122&rtt_var=1129&sent=157&recv=86&lost=0&retrans=0&sent_bytes=155950&recv_bytes=20550&delivery_rate=120134&cwnd=46800&unsent_bytes=0&cid=caa553e7c8c9582c&ts=2350&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: image/svg+xml
last-modified: Tue, 10 Dec 2024 11:09:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f5c1fe4fa92dca8-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 car.svg
xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/Home/leadcard/ 3 KB
2 KB 34ms
33ms Image
image/svg+xml 172.67.204.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/Home/leadcard/car.svg
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.204.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60fa01b03e23c4d8f479359eb10dfb93425e8e953d3a766da428d544b121ae58

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"05980f44adb1:0"
age: 137323
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KXgSjE%2FvXMWeY%2BfAAuAcI01vgJGsutPgGQZaCrIR8mFQOjRTq1H6L%2FQLsPQIlewTUN7CTgxq3k%2B%2FOQGjRLPcjE%2BB6KyJT3eNs3EwE%2FEpbeL1YbjGFv%2Fm5TLcI1nBpZULcNJdvLo%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1969&min_rtt=1963&rtt_var=749&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2837&recv_bytes=1417&delivery_rate=1437220&cwnd=94&unsent_bytes=0&cid=bee3148042f08c70&ts=849&x=0", cfL4;desc="?proto=QUIC&rtt=7887&min_rtt=6122&rtt_var=1129&sent=176&recv=86&lost=0&retrans=0&sent_bytes=176563&recv_bytes=20550&delivery_rate=120134&cwnd=46800&unsent_bytes=0&cid=caa553e7c8c9582c&ts=2354&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: image/svg+xml
last-modified: Tue, 10 Dec 2024 11:09:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f5c1fe4fa93dca8-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 plus.svg
xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/Home/leadcard/ 748 B
1 KB 35ms
33ms Image
image/svg+xml 172.67.204.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/Home/leadcard/plus.svg
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.204.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34c5050489789218c42a6673b9ce7fefb1a22bfa437823110081900c9d7ddab9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"05980f44adb1:0"
age: 137323
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UY7KdUfKQBBxW3%2FmEu4BzQ03kZqOHcrYyFhRSiZQzXDEe11XOmM%2BQn7pXewk9lEONRbWLrRfb2fTjxfJsUhnUojSAKD9fpm2JQIYtxJTIsuaAUcxkPV3wpsrx0k016rWB%2BjgZWM%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1950&min_rtt=1935&rtt_var=574&sent=4&recv=7&lost=0&retrans=0&sent_bytes=2836&recv_bytes=1420&delivery_rate=1424495&cwnd=251&unsent_bytes=0&cid=a0042b93e2e6a058&ts=828&x=0", cfL4;desc="?proto=QUIC&rtt=7767&min_rtt=6122&rtt_var=1088&sent=194&recv=87&lost=0&retrans=0&sent_bytes=195190&recv_bytes=20594&delivery_rate=1304165&cwnd=56400&unsent_bytes=0&cid=caa553e7c8c9582c&ts=2355&x=1", cfExtPri, cfHdrFlush;dur=1
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: image/svg+xml
last-modified: Tue, 10 Dec 2024 11:09:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f5c1fe4fa94dca8-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 big-building.svg
xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/Home/leadcard/ 1 KB
1 KB 35ms
34ms Image
image/svg+xml 172.67.204.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/Home/leadcard/big-building.svg
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.204.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 313558df442f8744c8fa247a15f850d09f7ba82ab92aad6ecb51673323163966

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"05980f44adb1:0"
age: 137323
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yi1TeIAZWLlg8C1EL1WsyEzOzJyC1ce%2Bq3YIWj9fY8xebPMN2qh0vTm0BxRNRuxi0pluNTyH3%2FXf3RLgJgiLotirD7yJmHBCW4zG854bGsMrRvKjob0gF4WTc8dDdum8Ihyj6xI%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1249&min_rtt=1232&rtt_var=378&sent=4&recv=7&lost=0&retrans=0&sent_bytes=2835&recv_bytes=1426&delivery_rate=2182366&cwnd=250&unsent_bytes=0&cid=4811b06dea00d63b&ts=838&x=0", cfL4;desc="?proto=QUIC&rtt=7767&min_rtt=6122&rtt_var=1088&sent=194&recv=87&lost=0&retrans=0&sent_bytes=195190&recv_bytes=20594&delivery_rate=1304165&cwnd=56400&unsent_bytes=0&cid=caa553e7c8c9582c&ts=2355&x=1", cfExtPri, cfHdrFlush;dur=1
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: image/svg+xml
last-modified: Tue, 10 Dec 2024 11:09:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f5c1fe4fa95dca8-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 home-contents.svg
xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/Home/leadcard/ 3 KB
2 KB 34ms
33ms Image
image/svg+xml 172.67.204.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/Home/leadcard/home-contents.svg
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.204.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4706019b32d3193aaf145888caaa5f9dbb350a7d3a70cec74ed8a8f89eeaa8ff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"05980f44adb1:0"
age: 137323
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7v1Fr%2Bd1AhXrNpbnXvG9Gh%2FJNErrvdgimw9dZw6784WAnkG1Nr7bRUwDBqfUFVMzmsiNbrSVXnR8jESvIblBPB%2B%2FjrXx%2FpYr8TEyeigimKbPHCj%2B43%2Fn8lyU4nOUlzJO7I143Ks%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2215&min_rtt=2205&rtt_var=834&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2837&recv_bytes=1427&delivery_rate=1313378&cwnd=251&unsent_bytes=0&cid=2041ecb93289cdb0&ts=849&x=0", cfL4;desc="?proto=QUIC&rtt=7887&min_rtt=6122&rtt_var=1129&sent=176&recv=86&lost=0&retrans=0&sent_bytes=176563&recv_bytes=20550&delivery_rate=120134&cwnd=46800&unsent_bytes=0&cid=caa553e7c8c9582c&ts=2352&x=1", cfExtPri, cfHdrFlush;dur=2
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: image/svg+xml
last-modified: Tue, 10 Dec 2024 11:09:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f5c1fe4fa98dca8-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 car-warranty.svg
xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/Home/leadcard/ 5 KB
2 KB 34ms
33ms Image
image/svg+xml 172.67.204.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/Home/leadcard/car-warranty.svg
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.204.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eba7f152f487006a95becd0cb302e300795b4c17361155b5437d2b643e71b695

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"05980f44adb1:0"
age: 137323
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BmeMWFgyoCQi0TGocN3WPacbHjX8PtCuS1dLgSfvo1c7AMA5sSaYPUnCAlByHwLMucLNzh47NbMxjunFu%2Fx%2FFYQTWmaJjF%2Fj9J0%2F%2F4MunLfnX%2FaDaE4WRMTLq4K2l30m8HoZAqY%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2013&min_rtt=2005&rtt_var=769&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2837&recv_bytes=1428&delivery_rate=1395662&cwnd=246&unsent_bytes=0&cid=992bfad0fe1c4236&ts=843&x=0", cfL4;desc="?proto=QUIC&rtt=7887&min_rtt=6122&rtt_var=1129&sent=163&recv=86&lost=0&retrans=0&sent_bytes=163106&recv_bytes=20550&delivery_rate=120134&cwnd=46800&unsent_bytes=0&cid=caa553e7c8c9582c&ts=2351&x=1", cfExtPri, cfHdrFlush;dur=3
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: image/svg+xml
last-modified: Tue, 10 Dec 2024 11:09:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f5c1fe4fa99dca8-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 Decreasing%20premiums.png
xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/Home/slider/ 44 KB
45 KB 28ms
27ms Image
image/webp 172.67.204.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/Home/slider/Decreasing%20premiums.png
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.204.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ee0a7e1f1f5a49c53c6946bcdeda556efbc6ec350faf8bc4fb4a4241b419e7f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

cf-cache-status: HIT
etag: "05980f44adb1:0"
age: 137323
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=18P15H00hgx%2Fp7CrwdSKyKtsaLyCuTK44nhW5oFF1nITyE8q5TyzYxqoEGAGi%2BQxhiRY132dW8nDgYdbmt6Y9ejbAz%2Fo2cePhE7gDAnAHSY01%2Bayivfcfmued3vN9Fu6QbZGwYA%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1259&min_rtt=1226&rtt_var=379&sent=4&recv=7&lost=0&retrans=0&sent_bytes=2836&recv_bytes=1433&delivery_rate=2167664&cwnd=250&unsent_bytes=0&cid=5aed1cbccb89d707&ts=849&x=0", cfL4;desc="?proto=QUIC&rtt=7887&min_rtt=6122&rtt_var=1129&sent=163&recv=86&lost=0&retrans=0&sent_bytes=163106&recv_bytes=20550&delivery_rate=120134&cwnd=46800&unsent_bytes=0&cid=caa553e7c8c9582c&ts=2351&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: image/webp
content-disposition: inline; filename="Decreasing%20premiums.webp"
vary: Accept, Accept-Encoding
last-modified: Tue, 10 Dec 2024 11:09:38 GMT
priority: u=3,i
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f5c1fe4fa9bdca8-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 44922
server: cloudflare

GET
H3 200 nav-desktop-phone-34x34px.svg
xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/General/ 417 B
1 KB 28ms
27ms Image
image/svg+xml 172.67.204.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/General/nav-desktop-phone-34x34px.svg
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Stylesheets/bundle.min.css?version-141124
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.204.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44f3ac82b2b794abe6e7ad266f4a68aa41c11b461d5e04c0fbcf79e3c2e2f9cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Stylesheets/bundle.min.css?version-141124

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"05980f44adb1:0"
age: 137322
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CO7FzXvLGAaLX5fvD9KfP5CHyCDmK7BOzT8e63yo0ii1A%2FljSGeXuBe0hVfFHCyxdsysZF04m6dc3J8Zbr7YsR5ypn%2B1qb%2BCDN4yRTfnecKn%2F7JhMGcPbh0D6XTvTuRiAga66j4%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1266&min_rtt=1168&rtt_var=508&sent=3&recv=6&lost=0&retrans=0&sent_bytes=219&recv_bytes=1755&delivery_rate=1239726&cwnd=216&unsent_bytes=0&cid=e241d98302456444&ts=305&x=0", cfL4;desc="?proto=QUIC&rtt=8210&min_rtt=6122&rtt_var=341&sent=734&recv=126&lost=0&retrans=0&sent_bytes=828172&recv_bytes=23966&delivery_rate=20903455&cwnd=294000&unsent_bytes=0&cid=caa553e7c8c9582c&ts=2391&x=1", cfExtPri, cfHdrFlush;dur=1
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: image/svg+xml
last-modified: Tue, 10 Dec 2024 11:09:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f5c1fe53ae5dca8-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 nav-desktop-whatsapp-34x34px-nugreen.svg
xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/General/ 2 KB
2 KB 28ms
27ms Image
image/svg+xml 172.67.204.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/General/nav-desktop-whatsapp-34x34px-nugreen.svg
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Stylesheets/bundle.min.css?version-141124
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.204.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2438d87960cd92b0bfb0c474e6cd4ef0ac3901c586f25db294088e7498eff983

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Stylesheets/bundle.min.css?version-141124

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"05980f44adb1:0"
age: 137321
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bLWfEtMbpHMDNa0DQBPgMFq7HhbGlrRAQ3OcEDy5ero9uiVmRl9GxQVW%2FpnpNrweiti0tLgecAls8kH%2BS%2BHUQwRYk4jzwCy4jckBtKXxT3D0Fj40koyQ01reyq%2FyqhAb28QnxxM%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1309&min_rtt=1304&rtt_var=499&sent=3&recv=6&lost=0&retrans=0&sent_bytes=219&recv_bytes=1764&delivery_rate=1074981&cwnd=251&unsent_bytes=0&cid=6f23aa86a9db5053&ts=839&x=0", cfL4;desc="?proto=QUIC&rtt=8210&min_rtt=6122&rtt_var=341&sent=734&recv=126&lost=0&retrans=0&sent_bytes=828172&recv_bytes=23966&delivery_rate=20903455&cwnd=294000&unsent_bytes=0&cid=caa553e7c8c9582c&ts=2390&x=1", cfExtPri, cfHdrFlush;dur=2
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: image/svg+xml
last-modified: Tue, 10 Dec 2024 11:09:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f5c1fe53ae6dca8-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 nav-desktop-user-34x34px.svg
xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/General/ 650 B
1 KB 28ms
27ms Image
image/svg+xml 172.67.204.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/General/nav-desktop-user-34x34px.svg
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Stylesheets/bundle.min.css?version-141124
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.204.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b89039e8ad7a37d96c34a01b52469f83cff2c4c68fbd3cf814ae2d66901b5a0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Stylesheets/bundle.min.css?version-141124

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"05980f44adb1:0"
age: 137321
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b8QD7%2F%2FSFkGUahIftnfC1y859XzPW%2BQKul5FT0ZSw3yOYSXQEK96wmGM2Gcr9Atyg%2B6y%2FjTFiR9uzkdfoTpzIapCtHHexkw5TzObF9VGAZ5HJOI6IhQG2bTBLDl3UUoqzTaZKeE%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1247&min_rtt=1236&rtt_var=486&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2837&recv_bytes=1481&delivery_rate=2180722&cwnd=193&unsent_bytes=0&cid=2afcd199153d0da4&ts=831&x=0", cfL4;desc="?proto=QUIC&rtt=8210&min_rtt=6122&rtt_var=341&sent=734&recv=126&lost=0&retrans=0&sent_bytes=828172&recv_bytes=23966&delivery_rate=20903455&cwnd=294000&unsent_bytes=0&cid=caa553e7c8c9582c&ts=2389&x=1", cfExtPri, cfHdrFlush;dur=3
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: image/svg+xml
last-modified: Tue, 10 Dec 2024 11:09:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f5c1fe53ae7dca8-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v29/ 37 KB
37 KB 57ms
23ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:120,200,300,400,500,600,700,800,900

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://xhtgfgf98635467xyz12.btewq.workers.dev
Referer: https://fonts.googleapis.com/

Response headers

age: 323232
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 18 Dec 2025 07:04:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Dec 2024 07:04:26 GMT
last-modified: Wed, 06 Nov 2024 17:30:37 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 37828
x-xss-protection: 0
server: sffe

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 273ms
255ms Font
font/woff2 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://xhtgfgf98635467xyz12.btewq.workers.dev
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Response headers

cdn-status: 200
cf-cache-status: HIT
etag: "af7ae505a9eed503f8b8e6982036873e"
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: font/woff2
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 12/15/2024 13:12:06
cdn-cache: HIT
cdn-requestpullcode: 200
priority: u=0,i=?0
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
timing-allow-origin: *
cdn-requesttime: 1
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 484564167c658b2f814f3a2cb6121ebc
cross-origin-resource-policy: cross-origin
cdn-pullzone: 252412
cdn-proxyver: 1.07
cf-ray: 8f5c1fe56f861976-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 77160
cdn-edgestorageid: 1233
server: cloudflare
cdn-requestcountrycode: US

GET
H3 200 No%20bogus_no%20claim%20bonus_image.png
xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/Home/slider/ 7 KB
8 KB 23ms
23ms Image
image/webp 172.67.204.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/Home/slider/No%20bogus_no%20claim%20bonus_image.png
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.204.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 188bbfc09db2a6b3bdef0bc7e771daf36a0f37187d87aa2dee1550c0dd115f7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

cf-cache-status: HIT
etag: "05980f44adb1:0"
age: 137323
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v%2BwYV8LBUoGOAPOFQtS1OsU%2BArIArKtBWU9RKVvekv7MSZiUMr8W52Bt3RxeZ8cMbD%2BBDiUlKSyJJXls4pLPTQqyA7ZpVAQcDBNwSGojsCE7Gdsr7z6MyGF984xLpi47jKjvlHo%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1359&min_rtt=1344&rtt_var=405&sent=4&recv=7&lost=0&retrans=0&sent_bytes=2836&recv_bytes=1449&delivery_rate=2035137&cwnd=124&unsent_bytes=0&cid=eee2d8aa8d7aac0e&ts=838&x=0", cfL4;desc="?proto=QUIC&rtt=12983&min_rtt=6122&rtt_var=1372&sent=2355&recv=309&lost=124&retrans=124&sent_bytes=2730701&recv_bytes=37126&delivery_rate=7514885&cwnd=577710&unsent_bytes=0&cid=caa553e7c8c9582c&ts=2494&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: image/webp
content-disposition: inline; filename="No%20bogus_no%20claim%20bonus_image.webp"
vary: Accept, Accept-Encoding
last-modified: Tue, 10 Dec 2024 11:09:38 GMT
priority: u=3,i
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f5c1fe5db89dca8-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7038
server: cloudflare

GET
H3 200 The%20million%20rand%20question_image.png
xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/Home/slider/ 16 KB
16 KB 20ms
20ms Image
image/webp 172.67.204.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/Home/slider/The%20million%20rand%20question_image.png
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.204.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0095680eb1aa2be64cc404ad9bc69b13ed063d7e02bd81d088b02a3d8c14751b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

cf-cache-status: HIT
etag: "05980f44adb1:0"
age: 137323
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TrKjlpkr6L0XduXRRAQwn7cIWv7qq%2BG1wkxcQJQcwNZIJ4FjELmtjB1qeu1pvJX0bp%2Fug00XABV7ToON4y%2FQY0o3sjsyEAoqQq0hhrI8kqbhGRvZGTMPgFbti93L3RSZ3YYC22w%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1278&min_rtt=1261&rtt_var=387&sent=4&recv=7&lost=0&retrans=0&sent_bytes=2837&recv_bytes=1449&delivery_rate=2121611&cwnd=251&unsent_bytes=0&cid=e2bbdb7cffa26558&ts=302&x=0", cfL4;desc="?proto=QUIC&rtt=12983&min_rtt=6122&rtt_var=1372&sent=2340&recv=309&lost=124&retrans=124&sent_bytes=2713528&recv_bytes=37126&delivery_rate=7514885&cwnd=577710&unsent_bytes=0&cid=caa553e7c8c9582c&ts=2493&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: image/webp
content-disposition: inline; filename="The%20million%20rand%20question_image.webp"
vary: Accept, Accept-Encoding
last-modified: Tue, 10 Dec 2024 11:09:38 GMT
priority: u=3,i
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f5c1fe5db8adca8-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15882
server: cloudflare

GET
H3 200 whatsapp-footer-block-444px.svg
xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/Components/WhatsAppFooterBlock/ 21 KB
6 KB 28ms
28ms Image
image/svg+xml 172.67.204.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/Components/WhatsAppFooterBlock/whatsapp-footer-block-444px.svg
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.204.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a980baf0c9d8a25dc294bb6f547e8fa9267f7e4c2a9c6490735e2a2e344f2b22

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"05980f44adb1:0"
age: 7603
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l7qs5Q8BCre0yGV3PGw0PsNw0OQsxRhGuIVpGWMZNXQAm2dCtc2i2oF%2B7FD8QA%2BKTUfC6dwrEDOFoAJQ3jvE795jWLYOtmSKirELjZs0nEqCQBIaH1xRO2XbM86yhCFVPpV6puk%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1443&min_rtt=1385&rtt_var=561&sent=3&recv=6&lost=0&retrans=0&sent_bytes=219&recv_bytes=1707&delivery_rate=1045487&cwnd=73&unsent_bytes=0&cid=4b91b53df268dcb3&ts=18&x=0", cfL4;desc="?proto=QUIC&rtt=11584&min_rtt=6122&rtt_var=3207&sent=2368&recv=311&lost=124&retrans=124&sent_bytes=2744181&recv_bytes=37215&delivery_rate=801001&cwnd=577710&unsent_bytes=0&cid=caa553e7c8c9582c&ts=2500&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: image/svg+xml
last-modified: Tue, 10 Dec 2024 11:09:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f5c1fe5db8cdca8-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 Testimonial-style.css
xhtgfgf98635467xyz12.btewq.workers.dev/Content/Stylesheets/ 1 KB
1 KB 24ms
23ms Stylesheet
text/css 172.67.204.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Stylesheets/Testimonial-style.css
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.204.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8951763edf874021264f751f94f76c799453023d7ba10bdbf9c492810316c7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"05980f44adb1:0"
age: 137323
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JGHmrJBMC5i%2FYYMXP4WeH8ZSi%2FsGZrZ3Gc%2BqNag4cEfhS%2BJ%2BRqs%2B3D5pTRZUtuOTRMjiL3XbbS1nETOEa6Neq6S5dvn48hwHJ85soInZTwOJjqy4sYR57x528UbbZhiMX%2B3Bvr0%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1980&min_rtt=1961&rtt_var=775&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2837&recv_bytes=1378&delivery_rate=1366682&cwnd=230&unsent_bytes=0&cid=e7ac62f7dc8dd4c1&ts=841&x=0", cfL4;desc="?proto=QUIC&rtt=12983&min_rtt=6122&rtt_var=1372&sent=2365&recv=309&lost=124&retrans=124&sent_bytes=2741878&recv_bytes=37126&delivery_rate=7514885&cwnd=577710&unsent_bytes=0&cid=caa553e7c8c9582c&ts=2496&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: text/css
last-modified: Tue, 10 Dec 2024 11:09:38 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f5c1fe5db8ddca8-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 group-18.png
xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/Home/testimonials/ 2 KB
3 KB 22ms
22ms Image
image/webp 172.67.204.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/Home/testimonials/group-18.png
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.204.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc3462d9c5692acdca26b8c390bb2b40d8e4ec8cb61806edc23a420ea215ccd6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

cf-cache-status: HIT
etag: "05980f44adb1:0"
age: 137323
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nslUe5YSU2Ny6axcv7nDGn75qGLni9vGZQ03Cd1riOlsKp96at8CcKWDZGhZZvZ%2BN7uOqggpGTecQQI8n5lTjclBEPeejFCDmcBMZZqUGreHmDgSqoh5cxgFeoRdJSYEvMhzhKY%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1259&min_rtt=1209&rtt_var=554&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2836&recv_bytes=1426&delivery_rate=1795412&cwnd=250&unsent_bytes=0&cid=54652f596bb62333&ts=846&x=0", cfL4;desc="?proto=QUIC&rtt=12983&min_rtt=6122&rtt_var=1372&sent=2362&recv=309&lost=124&retrans=124&sent_bytes=2738824&recv_bytes=37126&delivery_rate=7514885&cwnd=577710&unsent_bytes=0&cid=caa553e7c8c9582c&ts=2494&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: image/webp
content-disposition: inline; filename="group-18.webp"
vary: Accept, Accept-Encoding
last-modified: Tue, 10 Dec 2024 11:09:38 GMT
priority: u=3,i
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f5c1fe5db8fdca8-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2090
server: cloudflare

GET
H3 200 productsSprite.png
xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/Home/products/ 16 KB
16 KB 19ms
19ms Image
image/webp 172.67.204.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/Home/products/productsSprite.png
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Stylesheets/bundle.min.css?version-141124
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.204.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54169d2610e3a5f70ca3e30d6215feb8c95ffa2900147882378287fe0302875e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Stylesheets/bundle.min.css?version-141124

Response headers

cf-cache-status: HIT
etag: "05980f44adb1:0"
age: 137322
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EMSV71YX%2Fr1o1VjrsdkfJzpJozNlumgM7CTwYSSRYI%2FXIs1wG%2B7VMkv0Fh%2FvECmZkH%2FPORbKALigczCnYG5ur5rTdrjC%2BQd2H%2B%2BlIqBZ%2Fw5UaAYtr%2Bai4loNtzftC8PpqgiEeYc%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1403&min_rtt=1333&rtt_var=550&sent=3&recv=6&lost=0&retrans=0&sent_bytes=219&recv_bytes=1750&delivery_rate=1086271&cwnd=250&unsent_bytes=0&cid=08b95a17234038a2&ts=322&x=0", cfL4;desc="?proto=QUIC&rtt=11584&min_rtt=6122&rtt_var=3207&sent=2367&recv=311&lost=124&retrans=124&sent_bytes=2743258&recv_bytes=37215&delivery_rate=801001&cwnd=577710&unsent_bytes=0&cid=caa553e7c8c9582c&ts=2500&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: image/webp
content-disposition: inline; filename="productsSprite.webp"
vary: Accept, Accept-Encoding
last-modified: Tue, 10 Dec 2024 11:09:38 GMT
priority: u=3,i
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f5c1fe5eb9ddca8-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15939
server: cloudflare

GET
H3 200 personalHomeSprite.png
xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/Personal/products/ 6 KB
7 KB 20ms
20ms Image
image/webp 172.67.204.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/Personal/products/personalHomeSprite.png
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Stylesheets/bundle.min.css?version-141124
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.204.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3d4933e33e27efbf4b9cb04cca73d6f6146e7b3323b7c55b0d75dcba8dc3def

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Stylesheets/bundle.min.css?version-141124

Response headers

cf-cache-status: HIT
etag: "05980f44adb1:0"
age: 137321
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qwCTSK6OR%2BBPKwonyQlDbgvQZyNixEZ41zkxh9noiGdPCBrqwRG6nk20b4jsAfAcuu3XzlzZLxkZOE6gG4A0961r%2BZLd2V6HmcpOxRMkxCRmGv9S5lw5xIogNcC7TFuwg0FanIs%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1431&min_rtt=1386&rtt_var=552&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2836&recv_bytes=1487&delivery_rate=2089466&cwnd=230&unsent_bytes=0&cid=419a4be541c61576&ts=829&x=0", cfL4;desc="?proto=QUIC&rtt=11584&min_rtt=6122&rtt_var=3207&sent=2378&recv=311&lost=124&retrans=124&sent_bytes=2756181&recv_bytes=37215&delivery_rate=801001&cwnd=577710&unsent_bytes=0&cid=caa553e7c8c9582c&ts=2500&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: image/webp
content-disposition: inline; filename="personalHomeSprite.webp"
vary: Accept, Accept-Encoding
last-modified: Tue, 10 Dec 2024 11:09:38 GMT
priority: u=3,i
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f5c1fe5eb9edca8-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6506
server: cloudflare

GET
H3 200 awardsSprite.png
xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/Home/awards/ 18 KB
19 KB 25ms
25ms Image
image/webp 172.67.204.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/Home/awards/awardsSprite.png
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Stylesheets/bundle.min.css?version-141124
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.204.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e2cd4cbca3c7eea9e68c49976a54e9225ac5d1f8797f1f2e846b77ef5a8d207

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Stylesheets/bundle.min.css?version-141124

Response headers

cf-cache-status: HIT
etag: "05980f44adb1:0"
age: 137321
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mHjZ%2BD8tQ9lT49tDPnqMF5EY79NVDchPy5F%2Bh9NYGwRBHEd6btBtdBKbY6yXSeIIrqWFNzDvMMyA%2BHEbKMJNU9eocbG5%2BcXvPsUC7gy%2BzkjYsjfKN7Q3Yw4%2FZILlOczx5BiwS44%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1387&min_rtt=1354&rtt_var=531&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2835&recv_bytes=1475&delivery_rate=2138847&cwnd=251&unsent_bytes=0&cid=41edd95e8d883287&ts=839&x=0", cfL4;desc="?proto=QUIC&rtt=10612&min_rtt=6122&rtt_var=3439&sent=2402&recv=313&lost=124&retrans=124&sent_bytes=2781975&recv_bytes=37304&delivery_rate=1981824&cwnd=577710&unsent_bytes=0&cid=caa553e7c8c9582c&ts=2507&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: image/webp
content-disposition: inline; filename="awardsSprite.webp"
vary: Accept, Accept-Encoding
last-modified: Tue, 10 Dec 2024 11:09:38 GMT
priority: u=3,i
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f5c1fe5eb9fdca8-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18150
server: cloudflare

GET
H3 200 benifitsSprite.png
xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/Home/benifits/ 7 KB
8 KB 22ms
22ms Image
image/webp 172.67.204.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/Home/benifits/benifitsSprite.png
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Stylesheets/bundle.min.css?version-141124
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.204.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 002c5594b9fe3a7b4126e8185fb0959a27eae687ba2ce30e634d6e2b8671a0c4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Stylesheets/bundle.min.css?version-141124

Response headers

cf-cache-status: HIT
etag: "05980f44adb1:0"
age: 137321
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qwe4vw0jsUHZtUN5XHxDJ9MNqZ0p9rhokvvyKTft%2FlG9Cw5Qo7RUVa1CwduN0GQY3wbVtOmkoUdYRh7%2BdmaFWygkztFoQri%2BqyDxxDOjDxAn746fQ%2BEhkEstYgcFlQd8IP0ZfOg%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1950&min_rtt=1942&rtt_var=744&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2837&recv_bytes=1477&delivery_rate=1442949&cwnd=102&unsent_bytes=0&cid=9d99d2e8861899b8&ts=843&x=0", cfL4;desc="?proto=QUIC&rtt=10965&min_rtt=6122&rtt_var=3642&sent=2395&recv=312&lost=124&retrans=124&sent_bytes=2774118&recv_bytes=37259&delivery_rate=1545126&cwnd=577710&unsent_bytes=0&cid=caa553e7c8c9582c&ts=2502&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: image/webp
content-disposition: inline; filename="benifitsSprite.webp"
vary: Accept, Accept-Encoding
last-modified: Tue, 10 Dec 2024 11:09:38 GMT
priority: u=3,i
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f5c1fe5eba0dca8-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6786
server: cloudflare

GET
H3 200 testimonialSprite.png
xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/Home/testimonials/ 16 KB
16 KB 23ms
23ms Image
image/webp 172.67.204.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/Home/testimonials/testimonialSprite.png
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Stylesheets/bundle.min.css?version-141124
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.204.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a51312c229afd68154cde3a97bedf50c15e843261591a5a5aa47700b4e89da2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Stylesheets/bundle.min.css?version-141124

Response headers

cf-cache-status: HIT
etag: "05980f44adb1:0"
age: 137321
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=35hkVkzGn%2BLpIcXmXXWXaJZKwvJPZ%2FrAiVEN8y17zcLHMiIQKee3NsdCaZCs7TAVmRbXCbQdvuks%2FLJXiXWYl%2B%2BdfxcvI5d8Vlu8y16UVkoxH4FkvUkwJJX8rQQho9fESYElGUY%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1947&min_rtt=1942&rtt_var=740&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2836&recv_bytes=1486&delivery_rate=1456008&cwnd=251&unsent_bytes=0&cid=133e006dce9912fb&ts=836&x=0", cfL4;desc="?proto=QUIC&rtt=9178&min_rtt=6122&rtt_var=2160&sent=2420&recv=320&lost=124&retrans=124&sent_bytes=2801480&recv_bytes=38152&delivery_rate=6294291&cwnd=577710&unsent_bytes=0&cid=caa553e7c8c9582c&ts=2537&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: image/webp
content-disposition: inline; filename="testimonialSprite.webp"
vary: Accept, Accept-Encoding
last-modified: Tue, 10 Dec 2024 11:09:38 GMT
priority: u=3,i
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f5c1fe61bcedca8-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15926
server: cloudflare

GET
H3 200 king-price-footer-logo-080622.svg
xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/General/ 15 KB
7 KB 20ms
20ms Image
image/svg+xml 172.67.204.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/General/king-price-footer-logo-080622.svg
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.204.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ce2bf8791b33dc739f0aacfc913b41cd6b14d44772f9ae04112a0586b821464

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"05980f44adb1:0"
age: 137323
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CEk2DF4%2BGvzFxeYSUxXC2Bg3AOTIn4TqFQ3hZxhH46KfbcRxmpmgLHOUdVppxhqq1nWNKtis5BqmzDfKtIgiakepk4%2BmJ%2FLxyMChgXJVEIlLtUjUK6hSDtoOlQ0wjLerHwAIIVI%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1404&min_rtt=1399&rtt_var=528&sent=3&recv=6&lost=0&retrans=0&sent_bytes=219&recv_bytes=1710&delivery_rate=1035025&cwnd=166&unsent_bytes=0&cid=d76a1e3a983cd135&ts=837&x=0", cfL4;desc="?proto=QUIC&rtt=8219&min_rtt=6122&rtt_var=2037&sent=2450&recv=327&lost=124&retrans=124&sent_bytes=2828789&recv_bytes=39930&delivery_rate=409535&cwnd=577710&unsent_bytes=0&cid=caa553e7c8c9582c&ts=2618&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: image/svg+xml
last-modified: Tue, 10 Dec 2024 11:09:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f5c1fe6ac48dca8-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 rocket-loader.min.js Show response
xhtgfgf98635467xyz12.btewq.workers.dev/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 10ms
10ms Script
application/javascript 172.67.204.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xhtgfgf98635467xyz12.btewq.workers.dev/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.204.114 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

x-frame-options: DENY
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"675fc4cd-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YqSqzTnrRyq%2FtgiMwzGoDpCThbja73tW3GTyCk8hL6vHmrrpFP0VSmvFtTV%2B4W1ERA3k8qCrcTEIerCIxz47LFqNZ7rNsmA3YJTd6RLmrKcrPRdYIiA4VrGCPxr%2F%2BK1DV4KV5xlZIlj7ip5Q7qNUlE7XQmtwbWGB0A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8f5c1fe6ac4adca8-FRA
expires: Tue, 24 Dec 2024 00:51:38 GMT
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: application/javascript
last-modified: Mon, 16 Dec 2024 06:12:29 GMT
server: cloudflare
vary: Accept-Encoding

GET
H3 200 reinsurancesprite.png
xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/Home/products/ 8 KB
9 KB 23ms
22ms Image
image/webp 172.67.204.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Images/Home/products/reinsurancesprite.png
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Stylesheets/bundle.min.css?version-141124
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.204.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5265d2181c9ca74440c43c610049c31d44316602015528f7c471f714ae7d5f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/Content/Stylesheets/bundle.min.css?version-141124

Response headers

cf-cache-status: HIT
etag: "05980f44adb1:0"
age: 137321
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W0bLUuyiiQDOvlRnS4onZiq%2Bz3WTqCNpu3Tktz45l9Bk2j%2F0nkJFwj1ePj0vuenF0d%2B8R9%2Bgifj0FOM4yAFbdmZ1CBoOPV41cDGtw%2BbI%2FpHeN607K%2FGK98Arlfu%2FvLANf0OmsoQ%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1434&min_rtt=1427&rtt_var=550&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2836&recv_bytes=1480&delivery_rate=1944929&cwnd=230&unsent_bytes=0&cid=9aaa92b8361ec7df&ts=843&x=0", cfL4;desc="?proto=QUIC&rtt=8219&min_rtt=6122&rtt_var=2037&sent=2458&recv=331&lost=124&retrans=124&sent_bytes=2836083&recv_bytes=41850&delivery_rate=409535&cwnd=577710&unsent_bytes=0&cid=caa553e7c8c9582c&ts=2621&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: image/webp
content-disposition: inline; filename="reinsurancesprite.webp"
vary: Accept, Accept-Encoding
last-modified: Tue, 10 Dec 2024 11:09:38 GMT
priority: u=3,i
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f5c1fe6ac4fdca8-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8138
server: cloudflare

GET
H2 200 cxbus.min.js Show response
apps.mypurecloud.ie/widgets/9.0/ 20 KB
7 KB 113ms
30ms Script
text/javascript 54.72.101.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.mypurecloud.ie/widgets/9.0/cxbus.min.js

Requested by

Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.72.101.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-101-119.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

accb6d69d994c8c1c6073ca13e4a04e3fda462842c3197abd93e2595377e1792

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=0, no-cache
content-encoding: gzip
x-amz-version-id: ERBXs.pD_AXkqvNtvYtaLtvdhzr1HYHO
etag: "0fe8b70da9e7adbcacddbdd2ae7be25d"
x-amz-request-id: RR9BAZ5DV18KZNPZ
content-length: 6977
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: text/javascript
last-modified: Tue, 03 Sep 2024 04:43:39 GMT
server: nginx
x-amz-id-2: mAxXO2y78zV/8Drb/ta+Dg5G+hHhhfPFRZ69yh6gc6G9xvnpoSOopeaIM6H9iq3t2SMIVeObyiU=

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 439 KB
139 KB 72ms
35ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1002689869

Requested by

Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0d26299c3ae647f7fcf647148375acdfbdd51f806ba539ab2761f1e83a505ddf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 22 Dec 2024 00:51:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 141120
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 bundle.min.js Show response
xhtgfgf98635467xyz12.btewq.workers.dev/Scripts/Shared/ 12 KB
3 KB 21ms
20ms Script
application/javascript 172.67.204.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Scripts/Shared/bundle.min.js
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.204.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb06a574f6233c0ae6cde135b77010881d6697fc7982308adf1d2b04c48c919e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"040f08f44adb1:0"
age: 137321
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e%2BtZlj5S3cQaCf453B2wPAITjR49TS5bDzQSHh%2FEFP2yz6pfusCW2OnaajBjeef6ElmSBKYqCUbfyCuKHE0lGW4cepjfSnS4XwjLrhOlTQ2Wy%2F2Eb7SOB8%2B4xZMcquE0eGkrtqQ%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2574&min_rtt=2350&rtt_var=1329&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2836&recv_bytes=1351&delivery_rate=699010&cwnd=197&unsent_bytes=0&cid=8773df86703a243a&ts=839&x=0", cfL4;desc="?proto=QUIC&rtt=7946&min_rtt=6122&rtt_var=1606&sent=2466&recv=333&lost=124&retrans=124&sent_bytes=2845321&recv_bytes=41940&delivery_rate=1995284&cwnd=577710&unsent_bytes=0&cid=caa553e7c8c9582c&ts=2632&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: application/javascript
last-modified: Tue, 10 Dec 2024 11:09:52 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f5c1fe6bc66dca8-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 bootstrap-select.min.js Show response
xhtgfgf98635467xyz12.btewq.workers.dev/Scripts/ 50 KB
17 KB 24ms
23ms Script
application/javascript 172.67.204.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Scripts/bootstrap-select.min.js
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.204.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01c33068e9076a8d5385f0ff6bdeeb87a7c2112641c221775c9304ba2282eb4d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"032c91f44adb1:0"
age: 137322
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JC%2BMgBLoWFZGJONBz3s4BnczyZMGcxn2%2FK7UMRx43pMxjcT8IhI%2FRJOZxsmdYjFCZ2BhInurASCUxWW51FGIBDrivRaXHyF6ursRD5Jj%2BV2Wp5v1ipt4VGztSy7Rn%2F%2Ff4I5RSf4%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1299&min_rtt=1292&rtt_var=490&sent=3&recv=6&lost=0&retrans=0&sent_bytes=219&recv_bytes=1625&delivery_rate=1120743&cwnd=249&unsent_bytes=0&cid=5d663852116632dc&ts=830&x=0", cfL4;desc="?proto=QUIC&rtt=7946&min_rtt=6122&rtt_var=1606&sent=2470&recv=333&lost=124&retrans=124&sent_bytes=2848820&recv_bytes=41940&delivery_rate=1995284&cwnd=577710&unsent_bytes=0&cid=caa553e7c8c9582c&ts=2636&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: application/javascript
last-modified: Tue, 10 Dec 2024 11:09:40 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f5c1fe6bc67dca8-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 bootstrap.bundle.min.js Show response
xhtgfgf98635467xyz12.btewq.workers.dev/Scripts/ 77 KB
24 KB 25ms
24ms Script
application/javascript 172.67.204.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Scripts/bootstrap.bundle.min.js
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.204.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d97e438677a16e845f3c8791a0126448a576e6fa1064168ef8c980cf639adbc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"032c91f44adb1:0"
age: 137321
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y7eDox76WWL%2Bnk2mRAXCJRpYv1u1RD145tkWtq4dW0xLnbcsmlJnOPlIYbq%2FfAzEc0Zz2X9U8BwJEuc96fNkub%2FoElYJq7zDOHcuWzc4Q6ZeIz3ui3p0IO9RoIwh4GS6E%2BzkNOY%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2973&min_rtt=2947&rtt_var=875&sent=4&recv=7&lost=0&retrans=0&sent_bytes=2836&recv_bytes=1356&delivery_rate=945478&cwnd=251&unsent_bytes=0&cid=ca0e970a6e5377fb&ts=839&x=0", cfL4;desc="?proto=QUIC&rtt=7946&min_rtt=6122&rtt_var=1606&sent=2486&recv=333&lost=124&retrans=124&sent_bytes=2866570&recv_bytes=41940&delivery_rate=1995284&cwnd=577710&unsent_bytes=0&cid=caa553e7c8c9582c&ts=2637&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: application/javascript
last-modified: Tue, 10 Dec 2024 11:09:40 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f5c1fe6bc69dca8-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 jquery-3.4.1.min.js Show response
xhtgfgf98635467xyz12.btewq.workers.dev/Scripts/ 86 KB
33 KB 26ms
25ms Script
application/javascript 172.67.204.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/Scripts/jquery-3.4.1.min.js
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.204.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 412b8ff9c5ab32b9019fcd84bcd4a54c0e265a14528474f4ee45b27a20abeaeb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"032c91f44adb1:0"
age: 137322
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OZrorIOcXjgzJVtb%2FrUNN2IjjP4jBhIK%2FveWh29%2F01zo6AmWjvUyrHxS0EbUeYYOC7frRTrd%2B501h0ozjso54qLm80WeaH7OooPirax85HaZdYs5vzR3bOg3XWGKuJ6zatnJOx4%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2264&min_rtt=2199&rtt_var=731&sent=4&recv=7&lost=0&retrans=0&sent_bytes=2835&recv_bytes=1352&delivery_rate=1168212&cwnd=181&unsent_bytes=0&cid=4874de4484ba615d&ts=28&x=0", cfL4;desc="?proto=QUIC&rtt=7946&min_rtt=6122&rtt_var=1606&sent=2508&recv=333&lost=124&retrans=124&sent_bytes=2891804&recv_bytes=41940&delivery_rate=1995284&cwnd=577710&unsent_bytes=0&cid=caa553e7c8c9582c&ts=2637&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: application/javascript
last-modified: Tue, 10 Dec 2024 11:09:40 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f5c1fe6bc6adca8-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 injector.js Show response
cdn.seoplatform.io/ 134 KB
39 KB 116ms
33ms Script
text/javascript 151.101.131.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.seoplatform.io/injector.js?websiteId=21357

Requested by

Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

awselb/2.0 /

Resource Hash

de20a5f7b3acd8a15e44196f834f061fb9d35c0e2596ee8b581641241d76470e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

content-encoding: br
age: 396524
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: text/javascript
x-served-by: cache-mad22020-MAD
x-cache-hits: 0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
cache-control: no-store, max-age=0
x-timer: S1734828699.772298,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 39474
server: awselb/2.0

GET
H3 200 favicon.ico
xhtgfgf98635467xyz12.btewq.workers.dev/ 1 KB
2 KB 20ms
20ms Other
image/x-icon 172.67.204.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.204.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da68ddf674a41b4f7417824058bb1a54b03a67d211f9681d47d782689135074e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"032c91f44adb1:0"
age: 137321
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8W%2BfmF99f9hoakffYw3fno%2F3TdjpfIAGjvH0bMNEOIs%2B03%2BIFsyE1R9oM1gKN4Z2r3xqr37DC1uDhOp2YfyUkk%2Fgn3Kcady3JZcoHVZGdR72c7fprOrXd4%2Fzvfdca%2FMUeJ7f0SU%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1242&min_rtt=1226&rtt_var=471&sent=3&recv=6&lost=0&retrans=0&sent_bytes=219&recv_bytes=1670&delivery_rate=1181076&cwnd=248&unsent_bytes=0&cid=3eda8283fb9740ac&ts=19&x=0", cfL4;desc="?proto=QUIC&rtt=7621&min_rtt=6122&rtt_var=703&sent=2539&recv=342&lost=124&retrans=124&sent_bytes=2926091&recv_bytes=42820&delivery_rate=8918616&cwnd=577710&unsent_bytes=0&cid=caa553e7c8c9582c&ts=2754&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: image/x-icon
last-modified: Tue, 10 Dec 2024 11:09:40 GMT
vary: Accept-Encoding
priority: u=1,i
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f5c1fe78d64dca8-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 419 KB
127 KB 47ms
47ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-JHVP

Requested by

Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fd9ccc1f685442373c5b3bf97c3abe763e642a77641e830edb6c3d91c242e62b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sun, 22 Dec 2024 00:51:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 22 Dec 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 129869
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 genesys.min.js Show response
apps.mypurecloud.ie/genesys-bootstrap/ 272 KB
87 KB 30ms
30ms Script
text/javascript 54.72.101.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.mypurecloud.ie/genesys-bootstrap/genesys.min.js

Requested by

Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.72.101.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-101-119.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

79d97764cf07e9c5a1e43d3eb37157f6a03bb705f6cfed006146651983499b0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=0, no-cache
content-encoding: gzip
x-amz-version-id: W2UpDuzVKbhL.HRnDgLhbikx8C5TonKI
etag: "161a12530eb8dfc886d2a08aa625d52e"
x-amz-request-id: RR9C9Z8RT5Q1ZW0G
content-length: 88919
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: text/javascript
last-modified: Tue, 19 Nov 2024 11:03:35 GMT
server: nginx
x-amz-id-2: d3AB9LH2f0p/Vh6TYE4/ZAHT9+/KMz6pAaAAlussWrCxphNCVoRulNICjs/93npxCGVynBcph/w=

GET
H3 200 jquery.validate.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.1/ 49 KB
12 KB 31ms
20ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.1/jquery.validate.js

Requested by

Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4b85c7b41546b0775d504b0aef5d2c124f4a0784ea253681fd7145c072c2008

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://xhtgfgf98635467xyz12.btewq.workers.dev
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03ec2-c5ee"
age: 261387
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OvJZO3nUOxZLkikkqSNrLTnzdFVaIwXA9V46muKwolmQe5R48kL4oLKlWKRBYlZMo%2FP2HJt%2FyC3%2BBbWqnYxmlFWz%2BKXzthSNKAzLuqXYcIpSVYvIsON6A%2BdVt%2FFDnLX2I%2BhgVuJV"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 12 Dec 2025 00:51:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:11:46 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f5c1fe7e886bbf5-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 11613
server: cloudflare

GET
H2 200 widgets-core.min.js Show response
apps.mypurecloud.ie/widgets/9.0/plugins/ 374 KB
113 KB 86ms
86ms Script
text/javascript 54.72.101.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.mypurecloud.ie/widgets/9.0/plugins/widgets-core.min.js

Requested by

Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.72.101.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-101-119.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

b9931f62b188c5bfbd1bd58db2f3ea8db05de0fac66e143915b6e58919b509b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=0, no-cache
content-encoding: gzip
x-amz-version-id: 9TnF7qhK7W8env9jrTyBkwdNgPlOGmSh
etag: "974c9c8235bccf794b9858522fb7fd4a"
x-amz-request-id: CQ7S1TSH8HKS5JAC
content-length: 115575
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: text/javascript
last-modified: Tue, 03 Sep 2024 04:43:39 GMT
server: nginx
x-amz-id-2: BnOHCRD0P5DxqLpkWIK8NEDb+uN5Yjhit3n75JAJjy/iZ72zw3147j/rb7Vh+MMzvro2V/TWcsc=

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 56ms
17ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-RF1R3QHMJT&gtm=45be4cc1v869331089za200&_p=1734828698841&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=2117385058.1734828699&ecid=1071304135&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=m&_s=1&sid=1734828698&sct=1&seg=0&dl=https%3A%2F%2Fxhtgfgf98635467xyz12.btewq.workers.dev%2F&dt=Insurance%20%7C%20Car%20%26%20Business%20insurance%20%7C%20King%20Price%20Insurance&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2825
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://xhtgfgf98635467xyz12.btewq.workers.dev
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
572 B 58ms
20ms Ping
text/plain 2a00:1450:400c:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-RF1R3QHMJT&cid=2117385058.1734828699&gtm=45be4cc1v869331089za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1002689869
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://xhtgfgf98635467xyz12.btewq.workers.dev
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: text/plain
server: Golfe2

POST
H3 200 collect
www.google.com/ccm/ 0
0 51ms
22ms Ping
text/plain 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fxhtgfgf98635467xyz12.btewq.workers.dev%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=577670569.1734828699&dt=Insurance%20%7C%20Car%20%26%20Business%20insurance%20%7C%20King%20Price%20Insurance&auid=1005622689.1734828699&navt=n&npa=1&gtm=45be4cc1v869331089za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1734828698871&tfd=2828&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1002689869
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 55ms
27ms Image
image/gif 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-RF1R3QHMJT&cid=2117385058.1734828699&gtm=45be4cc1v869331089za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1232346641

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sun, 22 Dec 2024 00:51:38 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame 54FA 0
0 57ms
25ms Document
text/html 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fxhtgfgf98635467xyz12.btewq.workers.dev

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1002689869

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Sun, 22 Dec 2024 00:51:38 GMT
expires: Mon, 22 Dec 2025 00:51:38 GMT
last-modified: Thu, 12 Dec 2024 10:18:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 jquery.validate.unobtrusive.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validation-unobtrusive/3.2.11/ 19 KB
4 KB 15ms
15ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validation-unobtrusive/3.2.11/jquery.validate.unobtrusive.js

Requested by

Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cd342f044b0dbd8a8a512ee91545ace53f8e13c678c698441a9c72799079ad9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://xhtgfgf98635467xyz12.btewq.workers.dev
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03ec2-4ba6"
age: 265425
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vFyohkL6JUFH%2FtrAdvB8Wpv0JVhllQf%2F%2BVfmjr%2B%2FEZajRaXmyzBH28%2BGyPNS%2BdO%2F8NoYr2IUKzqUEvZHFAtQbO4xyLx%2FVhETFyUV1Gm0T3mH34L5n03GKwqNIZOaaeDrLinFZx75"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 12 Dec 2025 00:51:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:11:46 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f5c1fe8189bbbf5-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3942
server: cloudflare

GET
H2 200 nr-spa-1.277.0.min.js Show response
js-agent.newrelic.com/ 114 KB
33 KB 100ms
32ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1.277.0.min.js

Requested by

Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6dc071cf92a0ce3d98e1e19823a5a3d63ddf4238c69fe4bd0520d9c50dc7cb25

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://xhtgfgf98635467xyz12.btewq.workers.dev
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

strict-transport-security: max-age=300
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
content-encoding: br
etag: "3a8c6b03527d50cb8d8cefa42b1baf77"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 33644
date: Sun, 22 Dec 2024 00:51:38 GMT
last-modified: Thu, 19 Dec 2024 20:09:24 GMT
content-type: application/javascript
x-served-by: cache-mad2200091-MAD
x-cache-hits: 72123
vary: Accept-Encoding

GET
H2 200 hotjar-572361.js Show response
static.hotjar.com/c/ 13 KB
6 KB 30ms
9ms Script
application/javascript 18.66.102.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-572361.js?sv=7

Requested by

Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-51.fra56.r.cloudfront.net

Software

Resource Hash

9f07e231ebcec8195831bdf78826c19903e118ae21a42238935b3041bf78fdde

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

content-encoding: br
etag: W/7913dd5d0dffdc888fc31bb9f17e762d
age: 15
x-content-type-options: nosniff
x-cache-hit: 1
x-cache: Hit from cloudfront
x-amz-cf-id: sXl7eeqI8dSxR6l0D_DX5ep2LmiNjlpLGviCjxK4OL7lxCCEzcu5UQ==
date: Sun, 22 Dec 2024 00:51:23 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
via: 1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P2

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 250 KB
90 KB 34ms
32ms Script
application/javascript 142.250.186.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-11203488302&l=dataLayer&cx=c&gtm=45He4cc1v552965za200

Requested by

Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

dba5fb9d29d8bb936a69b1d70d0a464ba508619421c552cc6f57ca4cbd0de5bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Sun, 22 Dec 2024 00:51:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 22 Dec 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 91644
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 8 KB
3 KB 172ms
118ms Script
application/javascript 88.221.123.11
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CC1JGARC77U9QPBO8REG&lib=ttq
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.123.11 Hamburg, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a88-221-123-11.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 12153113b97225b947d98dd7e4645ce07bc9bf350c790b8c144534e33edf3e54

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-107-214.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
expires: Sun, 22 Dec 2024 00:51:39 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=8, inner; dur=4
x-cache: TCP_MISS from a88-221-123-103.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date: Sun, 22 Dec 2024 00:51:39 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-akamai-request-id: 8a926fc1.17f438de
x-tt-trace-host: 012b40a28454a94e1d86958fa61f7954737a50cfff52af71edb2759d77d319e962560c428e586f0ad50d4d1947359c1ddab83f72c19972a43374ccea071cd4ac685f41f951449b292de413e2e717f2d824943c612ff09c38b340e92e2246af604a68d4d44c9ed129fdd99808e39b085f4c
x-origin-response-time: 8,23.220.107.214
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2412220051396B62D2DFE97E9302A8E4-7CAC8A7834F9D8E9-00
content-length: 2594
x-parent-response-time: 96,88.221.123.103
x-tt-logid: 202412220051396B62D2DFE97E9302A8E4
server: nginx

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 27ms
9ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-xnppNeeb' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-xnppNeeb' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=23, mss=1232, tbw=4481, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: y+uyutK6VVpJbTwQ485oGQC1bZ9lO01njVoZLkTRkWzDLpMsFklERZJNAvUdDFra2YRm4UptZST5IiwoEPbZyw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62282
x-xss-protection: 0
origin-agent-cluster: ?1

POST collect
gtm-wlpt4gr-zdhlo.uc.r.appspot.com/g/ 0
0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 18ms
17ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-RF1R3QHMJT&gtm=45be4cc1v869331089z8552965za200&_p=1734828698841&em=tv.1~pn.e0~co0.ZA&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=2117385058.1734828699&ecid=1071304135&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=m&_s=3&sid=1734828698&sct=1&seg=0&dl=https%3A%2F%2Fxhtgfgf98635467xyz12.btewq.workers.dev%2F&dt=Insurance%20%7C%20Car%20%26%20Business%20insurance%20%7C%20King%20Price%20Insurance&en=gtm.dom&ep.event_id=1947f519-9ccd-436d-a67e-e22f4d6ff124_1734828698841.9&ep.event_name=PageView&tfd=2934
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://xhtgfgf98635467xyz12.btewq.workers.dev
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 22 Dec 2024 00:51:38 GMT
content-type: text/plain
server: Golfe2

GET
H/1.1 200
OK domains.json Show response
api-cdn.mypurecloud.ie/webdeployments/v1/deployments/21f49aa2-79fe-4811-9df3-a97e48f4b23a/ 134 B
763 B 145ms
114ms XHR
application/json 18.66.122.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-cdn.mypurecloud.ie/webdeployments/v1/deployments/21f49aa2-79fe-4811-9df3-a97e48f4b23a/domains.json
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-61.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2b463524c254188c40482d5362c832f78b852c1dd2661f84c904ff47f78eaed2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

ETag: "219f6182df9cf4fc4c80ebcec42e8f65"
Access-Control-Allow-Methods: GET, POST, PUT
X-Cache: Miss from cloudfront
X-Amz-Cf-Id: 35iPaOcvvkouNAWDC62WEXOwagrgUk2w5I2D7CnXqbPYiimOtWqHKA==
Date: Sun, 22 Dec 2024 00:51:40 GMT
Content-Type: application/json
Vary: Origin
Last-Modified: Mon, 10 Jun 2024 11:12:43 GMT
Cache-Control: max-age=120,s-maxage=120
Connection: keep-alive
Via: 1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 134
X-Amz-Cf-Pop: FRA60-P2
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 modules.60031afbf51fb3e88a5b.js Show response
script.hotjar.com/ 223 KB
56 KB 34ms
8ms Script
application/javascript 52.222.236.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.60031afbf51fb3e88a5b.js

Requested by

Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-122.fra56.r.cloudfront.net

Software

Resource Hash

e38338484d969872e570a554c807dab4a79233b82d64a7cb7028fb459123d44a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

x-robots-tag: none
content-encoding: br
etag: "b4a1a7933e55e780894c3f39b1aca0b4"
age: 306032
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: Z1Ix4_riuqfUUr7Oz6kgHwkP8pShKC6n4btrQuMkTUipdogFnWsE2Q==
date: Wed, 18 Dec 2024 11:51:07 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 18 Dec 2024 11:50:24 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
via: 1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 56408
x-amz-cf-pop: FRA56-P4

GET
H2 200 roboto.css
apps.mypurecloud.com/webfonts/ 4 KB
726 B 314ms
101ms Stylesheet
text/css 52.21.88.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.mypurecloud.com/webfonts/roboto.css

Requested by

Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.88.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-88-24.compute-1.amazonaws.com

Software

nginx /

Resource Hash

3b7019f0c310bb3b78c1595f2bc96bad82d45b27c4eb14678fa4bd939b4192e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=0, no-cache
content-encoding: gzip
x-amz-version-id: riOx.2eTO2JnQVG.FcCPmzVfN9nopHWZ
etag: "98824ca6634181284fa891ff5ff859e9"
x-amz-request-id: 6MTT1DKRP8JBCVPX
content-length: 325
date: Sun, 22 Dec 2024 00:51:39 GMT
content-type: text/css
last-modified: Thu, 14 Dec 2023 08:21:20 GMT
server: nginx
x-amz-id-2: y0VPFP4xDrfydU08zT0sPMuGRXGjbfHsKrL1GfwfrHa8XwL3iQgjXR9j4vN2mWGrNzYf+4Ka3Fya890m7Qs8Eay8r8/RJ17OiZWWjxFRzaA=

GET
H3 200 1526582507670240 Show response
connect.facebook.net/signals/config/ 323 KB
98 KB 242ms
242ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1526582507670240?v=2.9.179&r=stable&domain=xhtgfgf98635467xyz12.btewq.workers.dev&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

2395a04df486f333bab8ee30152a9c10898d97b9634ded85e964b8e0b45a4e9c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-pYSJFvLA' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 22 Dec 2024 00:51:39 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-pYSJFvLA' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=77, mss=1232, tbw=71293, tp=68, tpl=0, uplat=230, ullat=0
pragma: public
x-fb-debug: /JSAAWbMH6gM39rjmdTmYUgy4zmGDHa54AgH8Wk8TtPlOQsutHLpvqb+pNWIQxbyl0UmxCkr/yYbgwwuzhPLWg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/11203488302/ 5 KB
3 KB 51ms
28ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/11203488302/?random=1734828699025&cv=11&fst=1734828699025&bg=ffffff&guid=ON&async=1&gtm=45be4cc1z8552965za201zb552965&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fxhtgfgf98635467xyz12.btewq.workers.dev%2F&label=FOhjCLmP7KYYEK7Unt4p&hn=www.googleadservices.com&frm=0&tiba=Insurance%20%7C%20Car%20%26%20Business%20insurance%20%7C%20King%20Price%20Insurance&value=0&bttype=purchase&npa=1&pscdl=noapi&auid=1005622689.1734828699&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&rfmt=3&fmt=4

Requested by

Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

511fb5553ca7071365301c22b764d65b9274840291ccebb7e1a2d3497953dce3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 2696
date: Sun, 22 Dec 2024 00:51:39 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

POST
H2 200 / Show response
content.hotjar.io/ 56 B
171 B 171ms
79ms XHR
application/json 54.155.186.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?site_id=572361&gzip=1
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.155.186.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-186-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 49d743869e5452339b16c54c0f4242bc5ac9121bed40c38d6c1c557360159e39

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

access-control-max-age: 86400
access-control-allow-origin: *
content-length: 56
date: Sun, 22 Dec 2024 00:51:39 GMT
content-type: application/json

POST
H/1.1 200 NRJS-8ff5632b9fea0cdb796 Show response
bam.nr-data.net/1/ 188 B
674 B 322ms
255ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-8ff5632b9fea0cdb796?a=1522542894,1522536193&v=1.277.0&to=MlAAMEJRV0UCAEBeCgsaLzJzH3FZDgZ3WAsRRw0IXFVLGSoNUFId&rst=3093&ck=0&s=b74bdaca74e21cac&ref=https://xhtgfgf98635467xyz12.btewq.workers.dev/&ptid=18e2c3ed30714786&af=err,spa,xhr,stn,ins&ap=22&be=1858&fe=854&dc=773&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1734828696043,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:12,%22c%22:12,%22s%22:13,%22ce%22:27,%22rq%22:27,%22rp%22:1859,%22rpe%22:2579,%22di%22:2618,%22ds%22:2631,%22de%22:2631,%22dc%22:2712,%22l%22:2712,%22le%22:2712%7D,%22navigation%22:%7B%7D%7D&fp=2417&fcp=2417
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f7017ad07d71381f8c8611a6a6f39fae9710bf0a59364f52c053341e7ffbffd2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

access-control-expose-headers: Date
timing-allow-origin: https://xhtgfgf98635467xyz12.btewq.workers.dev
Connection: keep-alive
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-origin: https://xhtgfgf98635467xyz12.btewq.workers.dev
Content-Length: 188
date: Sun, 22 Dec 2024 00:51:39 GMT
content-type: text/plain
x-served-by: cache-mad22026-MAD

GET
H3

200

/
www.google.de/pagead/1p-conversion/11203488302/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11203488302/?random=228097666&cv=11&fst=1734828699025&bg=ffffff&guid=ON&async=1&gtm=45be4cc1z8552965za201zb552965&gcd=13l3l3l2l1l1&d...
https://www.google.com/pagead/1p-conversion/11203488302/?random=228097666&cv=11&fst=1734828699025&bg=ffffff&guid=ON&async=1&gtm=45be4cc1z8552965za201zb552965&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&...
https://www.google.de/pagead/1p-conversion/11203488302/?random=228097666&cv=11&fst=1734828699025&bg=ffffff&guid=ON&async=1&gtm=45be4cc1z8552965za201zb552965&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&t...

42 B
64 B

34ms
34ms

Image
image/gif

142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/11203488302/?random=228097666&cv=11&fst=1734828699025&bg=ffffff&guid=ON&async=1&gtm=45be4cc1z8552965za201zb552965&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fxhtgfgf98635467xyz12.btewq.workers.dev%2F&label=FOhjCLmP7KYYEK7Unt4p&hn=www.googleadservices.com&frm=0&tiba=Insurance%20%7C%20Car%20%26%20Business%20insurance%20%7C%20King%20Price%20Insurance&value=0&npa=1&pscdl=noapi&auid=1005622689.1734828699&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CKG4sQIIscGxAgiwwbECCLHDsQIIisWxAgjCybECCOvGsQIItMaxAgijxbECCNPFsQJKLG5vdC1uYXZpZ2F0aW9uLXNvdXJjZSwgdHJpZ2dlciwgZXZlbnQtc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIwrLqwpS6igMVHu0RCB3PLRBhMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOi9odHRwczovL3hodGdmZ2Y5ODYzNTQ2N3h5ejEyLmJ0ZXdxLndvcmtlcnMuZGV2L0JWQ2hBSWdPdVp1d1lRbDhxNHg2S1B6cTVfRWl3QXJSVTlyRVhILUtudDZfUE5zelRIekI4ZkRVTTAwSDFzRERvdW9hQ0xQeGYyVDNCLUQyM0FvZktIVkE&is_vtc=1&cid=CAQSGwCa7L7ddhjGNdg7GUHkDH8RII6wKnQlFKHjXw&eitems=ChEIgOuZuwYQ0I2V1fy1xPeDARIdADVQLp5Yuhl-LjJzqCk6JpenWfwgPZYkQ8ba_7M&random=46850216&ipr=y

Protocol

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sun, 22 Dec 2024 00:51:39 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://www.google.de/pagead/1p-conversion/11203488302/?random=228097666&cv=11&fst=1734828699025&bg=ffffff&guid=ON&async=1&gtm=45be4cc1z8552965za201zb552965&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fxhtgfgf98635467xyz12.btewq.workers.dev%2F&label=FOhjCLmP7KYYEK7Unt4p&hn=www.googleadservices.com&frm=0&tiba=Insurance%20%7C%20Car%20%26%20Business%20insurance%20%7C%20King%20Price%20Insurance&value=0&npa=1&pscdl=noapi&auid=1005622689.1734828699&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CKG4sQIIscGxAgiwwbECCLHDsQIIisWxAgjCybECCOvGsQIItMaxAgijxbECCNPFsQJKLG5vdC1uYXZpZ2F0aW9uLXNvdXJjZSwgdHJpZ2dlciwgZXZlbnQtc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIwrLqwpS6igMVHu0RCB3PLRBhMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOi9odHRwczovL3hodGdmZ2Y5ODYzNTQ2N3h5ejEyLmJ0ZXdxLndvcmtlcnMuZGV2L0JWQ2hBSWdPdVp1d1lRbDhxNHg2S1B6cTVfRWl3QXJSVTlyRVhILUtudDZfUE5zelRIekI4ZkRVTTAwSDFzRERvdW9hQ0xQeGYyVDNCLUQyM0FvZktIVkE&is_vtc=1&cid=CAQSGwCa7L7ddhjGNdg7GUHkDH8RII6wKnQlFKHjXw&eitems=ChEIgOuZuwYQ0I2V1fy1xPeDARIdADVQLp5Yuhl-LjJzqCk6JpenWfwgPZYkQ8ba_7M&random=46850216&ipr=y
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sun, 22 Dec 2024 00:51:39 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 main.MWE1OTI4NzI4MQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 352 KB
98 KB 23ms
23ms Script
application/javascript 88.221.123.11
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE1OTI4NzI4MQ.js
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.123.11 Hamburg, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a88-221-123-11.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ba3710ffb62361879a717271253bcda8d3a4d1c61f22abc95e00181ca2fea228

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

x-cache: TCP_HIT from a88-221-123-103.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
x-tt-trace-id: 00-241219132431C5D10393697D2CBBFEF7-072B780749E2670F-00
content-length: 99566
date: Sun, 22 Dec 2024 00:51:39 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20241219132431C5D10393697D2CBBFEF7
server: nginx
x-akamai-request-id: 17f4390c
x-tt-trace-host: 0172876714555741d1cb15cee6f5d960f03159a9499db90fdb2409816be5315006bb61806ae39ad822adc4069d01c986fe4a4eea3f0e2854c7407a1705571b0c4f040099c5ca2e6abf3dc7dff79ec887486d2cd7f869266094a3ef4b444517404d

GET
H2 200 identify_45dd5971.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 22ms
22ms Script
application/javascript 88.221.123.11
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_45dd5971.js
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.123.11 Hamburg, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a88-221-123-11.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

x-cache: TCP_MEM_HIT from a88-221-123-103.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=3
x-tt-trace-id: 00-2411150502460C796FB397A41A14221E-020D63BB7F92EA48-00
content-length: 39315
date: Sun, 22 Dec 2024 00:51:39 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202411150502460C796FB397A41A14221E
server: nginx
x-akamai-request-id: 17f4391e
x-tt-trace-host: 01678848fe5f3e0e4d1cf0f366d73cbb1df117915333d0768a4e3413576b4ab452cf32d22d3469e51179760e41e9e2964ad03668ccadbbede19fd487e6f674aa6066c0fac7f2fb47afd2afb6ca7cf5e5783f1fe4b9c4cd1b9339fec7137833ad0f

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
880 B 140ms
139ms Ping
text/plain 88.221.123.11
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE1OTI4NzI4MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.123.11 Hamburg, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a88-221-123-11.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

x-cache-remote: TCP_MISS from a23-218-223-80.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Sun, 22 Dec 2024 00:51:39 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=92, origin; dur=23, inner; dur=19
x-cache: TCP_MISS from a88-221-123-103.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date: Sun, 22 Dec 2024 00:51:39 GMT
x-akamai-request-id: fa14e3d0.17f43922
access-control-allow-headers: Authorization,*
x-tt-trace-host: 012b40a28454a94e1d86958fa61f7954737a50cfff52af71edb2759d77d319e9625558e121f9450d72356791e8ff66cbb50d16da766769d9a5aec9976b360bd34dcd9f5b2348b67991eb241ef98e666424bb414b4aed029628341647da093c778bbbc403e1780268e8b2cf6a576286c4cc
x-origin-response-time: 23,23.218.223.80
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-241222005139F24770426DA90F6D1072-6E7FED620412FA42-00
content-length: 0
x-parent-response-time: 110,88.221.123.103
x-tt-logid: 20241222005139F24770426DA90F6D1072
server: nginx

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
720 B 154ms
153ms Ping
text/plain 88.221.123.11
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE1OTI4NzI4MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.123.11 Hamburg, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a88-221-123-11.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Sun, 22 Dec 2024 00:51:39 GMT
server-timing: inner; dur=19, cdn-cache; desc=MISS, edge; dur=4, origin; dur=126
x-cache: TCP_MISS from a88-221-123-103.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date: Sun, 22 Dec 2024 00:51:39 GMT
x-akamai-request-id: 17f43923
access-control-allow-headers: Authorization,*
x-tt-trace-host: 012b40a28454a94e1d86958fa61f79547318b1920a65eed802ecf0f34a9a9b6e83065d26de3495984b34c051614a3bc3d7b0d97cb39669a82664dbaf5273d8a1350eebc8f56d7f01c43fe394859af4e7875f726d6d16c9e5d5743a8b99bfdbe1e9
x-origin-response-time: 126,88.221.123.103
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-24122200513973501AA457330578D500-0F7780BD1497CE08-00
content-length: 0
x-tt-logid: 2024122200513973501AA457330578D500
server: nginx

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
877 B 141ms
140ms Ping
text/plain 88.221.123.11
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE1OTI4NzI4MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.123.11 Hamburg, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a88-221-123-11.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

x-cache-remote: TCP_MISS from a23-32-17-132.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Sun, 22 Dec 2024 00:51:39 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=91, origin; dur=26, inner; dur=21
x-cache: TCP_MISS from a88-221-123-103.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date: Sun, 22 Dec 2024 00:51:39 GMT
x-akamai-request-id: 288d071b.17f43924
access-control-allow-headers: Authorization,*
x-tt-trace-host: 012b40a28454a94e1d86958fa61f7954737a50cfff52af71edb2759d77d319e9622389f3c9dc6c73754336267bab0aaeca3c2a49f180c4a9c7bfec92c081ebfc9ecbef9a1d938f1751e9cb779e12a348dba188a913d3115a8ea00183ca8fdb064c08aeeff8856e01c3b58758ea06e85aa5
x-origin-response-time: 26,23.32.17.132
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-241222005139293E360E0749FA6D66B5-0BB683182C03E2A4-00
content-length: 0
x-parent-response-time: 112,88.221.123.103
x-tt-logid: 20241222005139293E360E0749FA6D66B5
server: nginx

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 24ms
8ms Image
text/plain 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1526582507670240&ev=PageView&dl=https%3A%2F%2Fxhtgfgf98635467xyz12.btewq.workers.dev&rl=&if=false&ts=1734828699302&sw=1600&sh=1200&v=2.9.179&r=stable&a=gtmss&ec=0&o=12316&fbp=fb.2.1734828699301.974740767555435818&cs_est=true&pm=1&hrl=3d3826&ler=empty&cdl=API_unavailable&it=1734828699017&coo=false&eid=1947f519-9ccd-436d-a67e-e22f4d6ff124_1734828698841.9&cs_cc=1&cas=8073208649446408%2C8609167925785119%2C8327437534034657%2C8357589214306074%2C26804203262527759%2C7312864288816573%2C27207356222188514%2C8225489110842320%2C27515820164730617%2C6684764928315260%2C8550197434997034%2C7405934282816485%2C8803053256402489%2C7705881149527181%2C8179812238714990%2C5699890850051077%2C7621870684501125%2C7763301700399129%2C7333866956727197%2C4653593681378446&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4654, tp=12, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sun, 22 Dec 2024 00:51:39 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
194 B 156ms
141ms Image
image/png 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1526582507670240&ev=PageView&dl=https%3A%2F%2Fxhtgfgf98635467xyz12.btewq.workers.dev&rl=&if=false&ts=1734828699302&sw=1600&sh=1200&v=2.9.179&r=stable&a=gtmss&ec=0&o=12316&fbp=fb.2.1734828699301.974740767555435818&cs_est=true&pm=1&hrl=3d3826&ler=empty&cdl=API_unavailable&it=1734828699017&coo=false&eid=1947f519-9ccd-436d-a67e-e22f4d6ff124_1734828698841.9&cs_cc=1&cas=8073208649446408%2C8609167925785119%2C8327437534034657%2C8357589214306074%2C26804203262527759%2C7312864288816573%2C27207356222188514%2C8225489110842320%2C27515820164730617%2C6684764928315260%2C8550197434997034%2C7405934282816485%2C8803053256402489%2C7705881149527181%2C8179812238714990%2C5699890850051077%2C7621870684501125%2C7763301700399129%2C7333866956727197%2C4653593681378446&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7451032526790210531"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7451032526790210531"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 22 Dec 2024 00:51:39 GMT
content-type: image/png
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7451032526790210531", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
cache-control: private, no-store, no-cache, must-revalidate
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=24, mss=1232, tbw=8622, tp=20, tpl=0, uplat=129, ullat=0
pragma: no-cache
x-fb-debug: 7Ti2+JPPdoXE2chnnQe9t1y3KdsffB48kUEr49egLhefIXE4eHt2kuNCBrr+Qvr8y/IjC21mISYVbpMoXKiHZQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 25ms
10ms Image
text/plain 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1526582507670240&ev=ViewContent&dl=https%3A%2F%2Fxhtgfgf98635467xyz12.btewq.workers.dev&rl=&if=false&ts=1734828699305&sw=1600&sh=1200&v=2.9.179&r=stable&a=gtmss&ec=1&o=12316&fbp=fb.2.1734828699301.974740767555435818&eid=ob3_plugin-set_2ea8c2932d3e20257796b4131e57e68eba1377d3b07d7ce482ec65d99ec5d772&pm=1&hrl=167d24&ler=empty&cdl=API_unavailable&it=1734828699017&coo=false&tm=1&cs_cc=1&cas=8498002210298033%2C8617204241732839%2C7235129003278469%2C8015621021871990%2C8666700796750443%2C8485296004907611%2C27637748345868463%2C7831122403659149%2C8455560354503661%2C26768400869470057%2C8473193476074661%2C8599659863412034%2C8522782561107061%2C8046749922056771%2C27107351952243368%2C8235078786515321%2C6425822350875637%2C27515820164730617%2C6684764928315260%2C7893914864005862%2C7538150866280317%2C8167259829958000%2C6356567657756827%2C5975144529278925%2C7677077509026077%2C5651495738283913%2C5329373180430370%2C7564107443672739%2C7614922471881168%2C5699890850051077%2C7621870684501125%2C7763301700399129%2C7669399216437020%2C7333866956727197%2C7174723515970162%2C4653593681378446&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4974, tp=14, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sun, 22 Dec 2024 00:51:39 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
198 B 150ms
135ms Image
image/png 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1526582507670240&ev=ViewContent&dl=https%3A%2F%2Fxhtgfgf98635467xyz12.btewq.workers.dev&rl=&if=false&ts=1734828699305&sw=1600&sh=1200&v=2.9.179&r=stable&a=gtmss&ec=1&o=12316&fbp=fb.2.1734828699301.974740767555435818&eid=ob3_plugin-set_2ea8c2932d3e20257796b4131e57e68eba1377d3b07d7ce482ec65d99ec5d772&pm=1&hrl=167d24&ler=empty&cdl=API_unavailable&it=1734828699017&coo=false&tm=1&cs_cc=1&cas=8498002210298033%2C8617204241732839%2C7235129003278469%2C8015621021871990%2C8666700796750443%2C8485296004907611%2C27637748345868463%2C7831122403659149%2C8455560354503661%2C26768400869470057%2C8473193476074661%2C8599659863412034%2C8522782561107061%2C8046749922056771%2C27107351952243368%2C8235078786515321%2C6425822350875637%2C27515820164730617%2C6684764928315260%2C7893914864005862%2C7538150866280317%2C8167259829958000%2C6356567657756827%2C5975144529278925%2C7677077509026077%2C5651495738283913%2C5329373180430370%2C7564107443672739%2C7614922471881168%2C5699890850051077%2C7621870684501125%2C7763301700399129%2C7669399216437020%2C7333866956727197%2C7174723515970162%2C4653593681378446&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7451032527700995218"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7451032527700995218"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 22 Dec 2024 00:51:39 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: q/++v/+gToZN3bXNcCMTmManXJ9grVmlmX9plmhUJv1MBumzBMNrjEGwZcrxXkmvGXNzN/0FcNEh2Ci+hrUu8w==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7451032527700995218", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
cache-control: private, no-store, no-cache, must-revalidate
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=24, mss=1232, tbw=5214, tp=17, tpl=0, uplat=126, ullat=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H3 200 711b951b39d3e6eb71b29f2759caf3eebe11a771f3f3e53fe72bd304817e4a3a Show response
capig.stape.do/events/ 0
846 B 155ms
133ms XHR
text/plain 172.67.177.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capig.stape.do/events/711b951b39d3e6eb71b29f2759caf3eebe11a771f3f3e53fe72bd304817e4a3a
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.177.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z40oAcanD5csAX4fZLaXyU7NRDWOqhnCHpDow5xr7wzWmzSZT1iDWJGPCU6EpkiWGj6UScr96CIVLuB7ypLVFRlyD5X7%2B%2BNZLJZ8N5HlmVVuXmXdgM57XMNm%2BoVcup1otw%3D%3D"}],"group":"cf-nel","max_age":604800}
via: 1.1 google
cf-ray: 8f5c1feade25db9f-FRA
access-control-allow-origin: https://xhtgfgf98635467xyz12.btewq.workers.dev
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=10660&min_rtt=6808&rtt_var=8165&sent=13&recv=13&lost=0&retrans=0&sent_bytes=5074&recv_bytes=5765&delivery_rate=889&cwnd=12000&unsent_bytes=0&cid=d951db2248ccad02&ts=136&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 22 Dec 2024 00:51:39 GMT
vary: origin
server: cloudflare
priority: u=1,i

POST
H3 200 711b951b39d3e6eb71b29f2759caf3eebe11a771f3f3e53fe72bd304817e4a3a Show response
capig.stape.do/events/ 0
880 B 152ms
130ms XHR
text/plain 172.67.177.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capig.stape.do/events/711b951b39d3e6eb71b29f2759caf3eebe11a771f3f3e53fe72bd304817e4a3a
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.177.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uUDoNfWr5B4l%2F0Qi4AH%2FtONa0uaoCYUfes5M3R%2BrsuaGSJXxTQSkXKbrM51fLRVcpANWFpbJuMTC%2BCxKQgPfq26ENCvKi5uiEAp798lwOZ89phS5tC6YrdPDMKNd5uxsHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
via: 1.1 google
cf-ray: 8f5c1feade26db9f-FRA
access-control-allow-origin: https://xhtgfgf98635467xyz12.btewq.workers.dev
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=10660&min_rtt=6808&rtt_var=8165&sent=12&recv=13&lost=0&retrans=0&sent_bytes=4171&recv_bytes=5765&delivery_rate=889&cwnd=12000&unsent_bytes=0&cid=d951db2248ccad02&ts=133&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 22 Dec 2024 00:51:39 GMT
vary: origin
server: cloudflare
priority: u=1,i

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
720 B 153ms
152ms Ping
text/plain 88.221.123.11
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE1OTI4NzI4MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.123.11 Hamburg, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a88-221-123-11.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Sun, 22 Dec 2024 00:51:39 GMT
server-timing: inner; dur=17, cdn-cache; desc=MISS, edge; dur=7, origin; dur=125
x-cache: TCP_MISS from a88-221-123-103.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date: Sun, 22 Dec 2024 00:51:39 GMT
x-akamai-request-id: 17f4395c
access-control-allow-headers: Authorization,*
x-tt-trace-host: 012b40a28454a94e1d86958fa61f79547318b1920a65eed802ecf0f34a9a9b6e83f18bdd4e4d259f03ad5ccc7146c88f0b38c57e841d7e728ffb2a84f97b02dd2b2e7410c501b64df5a58653b28f8ae8da9da9dd0d76ffec077a8705c1e2eb3457
x-origin-response-time: 125,88.221.123.103
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-24122200513908EA07F02BA534DFD0F0-47314E076C6C0EA3-00
content-length: 0
x-tt-logid: 2024122200513908EA07F02BA534DFD0F0
server: nginx

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
721 B 476ms
470ms Ping
text/plain 88.221.123.11
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE1OTI4NzI4MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.123.11 Hamburg, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a88-221-123-11.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Sun, 22 Dec 2024 00:51:39 GMT
server-timing: inner; dur=19, cdn-cache; desc=MISS, edge; dur=20, origin; dur=433
x-cache: TCP_MISS from a88-221-123-103.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date: Sun, 22 Dec 2024 00:51:39 GMT
x-akamai-request-id: 17f4395d
access-control-allow-headers: Authorization,*
x-tt-trace-host: 012b40a28454a94e1d86958fa61f79547318b1920a65eed802ecf0f34a9a9b6e8394852f6bfaa85690ce457cdae1c94470adf92ada5192bf4c2dab95ff04aae5158e6aa9bd185ed97895878884343e5b31d13abe98b70cc6c2cd23c90a18e0497b
x-origin-response-time: 434,88.221.123.103
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-24122200513968C32A4A75FC08DC14CA-22923391367CE4F9-00
content-length: 0
x-tt-logid: 2024122200513968C32A4A75FC08DC14CA
server: nginx

POST
H/1.1 200 NRJS-8ff5632b9fea0cdb796 Show response
bam.nr-data.net/events/1/ 24 B
358 B 601ms
600ms XHR
image/gif 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/NRJS-8ff5632b9fea0cdb796?a=1522542894,1522536193&v=1.277.0&to=MlAAMEJRV0UCAEBeCgsaLzJzH3FZDgZ3WAsRRw0IXFVLGSoNUFId&rst=3429&ck=0&s=b74bdaca74e21cac&ref=https://xhtgfgf98635467xyz12.btewq.workers.dev/&ptid=18e2c3ed30714786
Requested by: Host: xhtgfgf98635467xyz12.btewq.workers.dev
URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://xhtgfgf98635467xyz12.btewq.workers.dev/

Response headers

Connection: keep-alive
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-origin: https://xhtgfgf98635467xyz12.btewq.workers.dev
Content-Length: 24
date: Sun, 22 Dec 2024 00:51:40 GMT
content-type: image/gif
x-served-by: cache-mad22026-MAD

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: gtm-wlpt4gr-zdhlo.uc.r.appspot.com
URL: https://gtm-wlpt4gr-zdhlo.uc.r.appspot.com/g/collect?v=2&tid=G-RF1R3QHMJT&gtm=45be4cc1v869331089z8552965za200&_p=1734828698841&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=2117385058.1734828699&ecid=1071304135&ul=de-de&sr=1600x1200&_fplc=0&ur=DE-NW&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=c&sst.etld=google.de&sst.gcsub=region1&sst.tft=1734828698841&sst.ude=1&sid=1734828698&sct=1&seg=0&dl=https%3A%2F%2Fxhtgfgf98635467xyz12.btewq.workers.dev%2F&dt=Insurance%20%7C%20Car%20%26%20Business%20insurance%20%7C%20King%20Price%20Insurance&_s=2&tfd=2933&richsstsse

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.capig.stape.do/events/711b951b39d3e6eb71b29f2759caf3eebe11a771f3f3e53fe72bd304817e4a3a	1970-01-21 04:03:24	Name: cee Value: LIgYhTXgFs%2F12gG%2BBmHkUT6MlUFP5zJUrR%2BH1cYpJUE%3D.%7B%7D
xhtgfgf98635467xyz12.btewq.workers.dev/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: fco1cczjo0ebqneulksdjg0e
xhtgfgf98635467xyz12.btewq.workers.dev/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: 1sHpmVMY1eZVUjotlLEJuQixrHYnjDcPIiO7ZHPsVoPSFFhaKhzzp2HS3hXVjIsAw0-8w1uMkXevLmy7pb3FdsknkbluW0yVXWsUr9gJDhk1
.btewq.workers.dev/	1970-01-21 11:29:48	Name: _ga Value: GA1.1.2117385058.1734828699
.btewq.workers.dev/	1970-01-21 04:03:24	Name: _gcl_au Value: 1.1.1005622689.1734828699
.btewq.workers.dev/	1970-01-21 11:29:48	Name: _ga_RF1R3QHMJT Value: GS1.1.1734828698.1.0.1734828698.60.0.1071304135
.btewq.workers.dev/	1970-01-21 10:39:24	Name: _hjSessionUser_572361 Value: eyJpZCI6IjQ2NTg3YTQ1LWMyNzktNWYyYi04N2IzLTcwYTliYjVlM2QzYiIsImNyZWF0ZWQiOjE3MzQ4Mjg2OTkwNjYsImV4aXN0aW5nIjp0cnVlfQ==
.tiktok.com/	1970-01-21 11:15:24	Name: _ttp Value: 2qY9Zo3tjcYLFJ4ezZTFzZo2AEi
.btewq.workers.dev/	1970-01-21 01:53:50	Name: _hjSession_572361 Value: eyJpZCI6IjBkNmU3MzJiLTAwMGUtNDAyZi05NTZkLTFjNDc2MTVhOTg2MyIsImMiOjE3MzQ4Mjg2OTkwNjYsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.doubleclick.net/	1970-01-21 01:53:49	Name: test_cookie Value: CheckForPermission
.btewq.workers.dev/	1970-01-21 11:15:24	Name: _tt_enable_cookie Value: 1
.btewq.workers.dev/	1970-01-21 11:15:24	Name: _ttp Value: yKMO83NJLxqFG5i1DbDxTwzuI_D.tt.2
.btewq.workers.dev/	1970-01-21 04:03:24	Name: _fbp Value: fb.2.1734828699301.974740767555435818

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://xhtgfgf98635467xyz12.btewq.workers.dev/ Message: Access to fetch at 'https://gtm-wlpt4gr-zdhlo.uc.r.appspot.com/g/collect?v=2&tid=G-RF1R3QHMJT&gtm=45be4cc1v869331089z8552965za200&_p=1734828698841&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=2117385058.1734828699&ecid=1071304135&ul=de-de&sr=1600x1200&_fplc=0&ur=DE-NW&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=c&sst.etld=google.de&sst.gcsub=region1&sst.tft=1734828698841&sst.ude=1&sid=1734828698&sct=1&seg=0&dl=https%3A%2F%2Fxhtgfgf98635467xyz12.btewq.workers.dev%2F&dt=Insurance%20%7C%20Car%20%26%20Business%20insurance%20%7C%20King%20Price%20Insurance&_s=2&tfd=2933&richsstsse' from origin 'https://xhtgfgf98635467xyz12.btewq.workers.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://gtm-wlpt4gr-zdhlo.uc.r.appspot.com/g/collect?v=2&tid=G-RF1R3QHMJT&gtm=45be4cc1v869331089z8552965za200&_p=1734828698841&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=2117385058.1734828699&ecid=1071304135&ul=de-de&sr=1600x1200&_fplc=0&ur=DE-NW&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=c&sst.etld=google.de&sst.gcsub=region1&sst.tft=1734828698841&sst.ude=1&sid=1734828698&sct=1&seg=0&dl=https%3A%2F%2Fxhtgfgf98635467xyz12.btewq.workers.dev%2F&dt=Insurance%20%7C%20Car%20%26%20Business%20insurance%20%7C%20King%20Price%20Insurance&_s=2&tfd=2933&richsstsse Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
api-cdn.mypurecloud.ie
apps.mypurecloud.com
apps.mypurecloud.ie
bam.nr-data.net
capig.stape.do
cdn.seoplatform.io
cdnjs.cloudflare.com
connect.facebook.net
content.hotjar.io
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gtm-wlpt4gr-zdhlo.uc.r.appspot.com
js-agent.newrelic.com
maxcdn.bootstrapcdn.com
region1.analytics.google.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
xhtgfgf98635467xyz12.btewq.workers.dev
gtm-wlpt4gr-zdhlo.uc.r.appspot.com
104.17.24.14
104.18.10.207
142.250.185.226
142.250.185.67
142.250.186.163
142.250.186.40
142.250.186.68
151.101.131.52
157.240.0.35
157.240.251.9
162.247.243.29
172.67.177.70
172.67.204.114
18.66.102.51
18.66.122.61
2001:4860:4802:34::36
216.58.206.34
2602:816:5001::39
2606:4700::6812:bcf
2a00:1450:4001:812::2008
2a00:1450:4001:82f::200a
2a00:1450:400c:c0b::9c
52.21.88.24
52.222.236.122
54.155.186.43
54.72.101.119
88.221.123.11
002c5594b9fe3a7b4126e8185fb0959a27eae687ba2ce30e634d6e2b8671a0c4
0095680eb1aa2be64cc404ad9bc69b13ed063d7e02bd81d088b02a3d8c14751b
01c33068e9076a8d5385f0ff6bdeeb87a7c2112641c221775c9304ba2282eb4d
0629bbccb0516a94ea90b1b88ff9be9e1a9f5a46512619bc902022e4809ead12
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0d26299c3ae647f7fcf647148375acdfbdd51f806ba539ab2761f1e83a505ddf
12153113b97225b947d98dd7e4645ce07bc9bf350c790b8c144534e33edf3e54
188bbfc09db2a6b3bdef0bc7e771daf36a0f37187d87aa2dee1550c0dd115f7d
1adc96ac2c917962f21791099af97f87ebc4b2c75c123fcd97aa3138458f9385
2395a04df486f333bab8ee30152a9c10898d97b9634ded85e964b8e0b45a4e9c
2438d87960cd92b0bfb0c474e6cd4ef0ac3901c586f25db294088e7498eff983
24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f
2558e574edbdf92876a6a9708c9d30e131aa866c3993762165ffa8af71e557fb
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2661f1c212e4b67a47aae98159751cff3499c47b73ebc34e09b6fc6f638b68c1
2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b463524c254188c40482d5362c832f78b852c1dd2661f84c904ff47f78eaed2
2b516743e6f7a2d27b2e4654001231dd8a182eaea637b11d4f065d4b935629db
313558df442f8744c8fa247a15f850d09f7ba82ab92aad6ecb51673323163966
34c5050489789218c42a6673b9ce7fefb1a22bfa437823110081900c9d7ddab9
3b7019f0c310bb3b78c1595f2bc96bad82d45b27c4eb14678fa4bd939b4192e3
412b8ff9c5ab32b9019fcd84bcd4a54c0e265a14528474f4ee45b27a20abeaeb
44f3ac82b2b794abe6e7ad266f4a68aa41c11b461d5e04c0fbcf79e3c2e2f9cf
4706019b32d3193aaf145888caaa5f9dbb350a7d3a70cec74ed8a8f89eeaa8ff
49d743869e5452339b16c54c0f4242bc5ac9121bed40c38d6c1c557360159e39
4ee0a7e1f1f5a49c53c6946bcdeda556efbc6ec350faf8bc4fb4a4241b419e7f
511fb5553ca7071365301c22b764d65b9274840291ccebb7e1a2d3497953dce3
5399abdc417a715c898de965f42e478f35277b30ed00ea05fe6dcd3e71dfe1f2
54169d2610e3a5f70ca3e30d6215feb8c95ffa2900147882378287fe0302875e
54a93775c58fff1978eb23b2f76fdd4704eae5c502ad86aaf6759afaa01f9aaf
5cd342f044b0dbd8a8a512ee91545ace53f8e13c678c698441a9c72799079ad9
5d97e438677a16e845f3c8791a0126448a576e6fa1064168ef8c980cf639adbc
60fa01b03e23c4d8f479359eb10dfb93425e8e953d3a766da428d544b121ae58
6dc071cf92a0ce3d98e1e19823a5a3d63ddf4238c69fe4bd0520d9c50dc7cb25
752ce87e1887acd67bfa6d0720dfad88210da3dbc7d6298f7d29bf3b2bf148c6
779db044e35779fb2ebfcf7ba658c37cad9407ec5b21574f5e46fdb4f87a7902
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79d97764cf07e9c5a1e43d3eb37157f6a03bb705f6cfed006146651983499b0a
7b89039e8ad7a37d96c34a01b52469f83cff2c4c68fbd3cf814ae2d66901b5a0
814f4541ede2c734469cedc556b4fb576d544a7c51a160d0cf06b359d90baa58
86c8229deb588765ac2329039b873cfb764d761ce9e62c91cae4d7216b5e5fd1
8ce2bf8791b33dc739f0aacfc913b41cd6b14d44772f9ae04112a0586b821464
8f122c1221df09ea7439fc6c3fb9197ec5419b5096eb805030f2d4c2c167a127
9a51312c229afd68154cde3a97bedf50c15e843261591a5a5aa47700b4e89da2
9e2cd4cbca3c7eea9e68c49976a54e9225ac5d1f8797f1f2e846b77ef5a8d207
9f07e231ebcec8195831bdf78826c19903e118ae21a42238935b3041bf78fdde
a5265d2181c9ca74440c43c610049c31d44316602015528f7c471f714ae7d5f2
a980baf0c9d8a25dc294bb6f547e8fa9267f7e4c2a9c6490735e2a2e344f2b22
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
accb6d69d994c8c1c6073ca13e4a04e3fda462842c3197abd93e2595377e1792
ae576713bc196098f7438dede6ff1f835a23291c32b745ad7e6fb6db809a719b
b78226adee1166bcc7ff5fe2c475de396b467aa9e46a066b5b2c5d19acd857a4
b790ee82df0a92b7b7896b503e861d3b9ab681e09bdf4369addcea37032c68c0
b9931f62b188c5bfbd1bd58db2f3ea8db05de0fac66e143915b6e58919b509b2
ba3710ffb62361879a717271253bcda8d3a4d1c61f22abc95e00181ca2fea228
c4b85c7b41546b0775d504b0aef5d2c124f4a0784ea253681fd7145c072c2008
c4d9d2edef75ae3ed7e7ce903c9246400f3cf7ce1b1286b24eee14a31162ad9e
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cdb657ef470b5370431a64f2a8775107cbbace1415c42d5a0380b57f2ee7a9c4
d3d4933e33e27efbf4b9cb04cca73d6f6146e7b3323b7c55b0d75dcba8dc3def
d8951763edf874021264f751f94f76c799453023d7ba10bdbf9c492810316c7d
d99902464ea5a053d3834285e12852d7f460a08ca2b9d2b87c6c3137990286e0
da68ddf674a41b4f7417824058bb1a54b03a67d211f9681d47d782689135074e
dba5fb9d29d8bb936a69b1d70d0a464ba508619421c552cc6f57ca4cbd0de5bf
dc3462d9c5692acdca26b8c390bb2b40d8e4ec8cb61806edc23a420ea215ccd6
de20a5f7b3acd8a15e44196f834f061fb9d35c0e2596ee8b581641241d76470e
e38338484d969872e570a554c807dab4a79233b82d64a7cb7028fb459123d44a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb06a574f6233c0ae6cde135b77010881d6697fc7982308adf1d2b04c48c919e
eba7f152f487006a95becd0cb302e300795b4c17361155b5437d2b643e71b695
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4572ded17dad62a527441473b60bf7e3e4f308e69f1607782b9258cd2561b63
f54a071fcbf7254c26d342ba696ea76c0f0f433f326d6a90c853dca1f75c6119
f7017ad07d71381f8c8611a6a6f39fae9710bf0a59364f52c053341e7ffbffd2
f9a85540c760967c1e66129c0188b11b57d6ed03b5391de1c5843e98028b1673
fd9ccc1f685442373c5b3bf97c3abe763e642a77641e830edb6c3d91c242e62b
fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1

xhtgfgf98635467xyz12.btewq.workers.dev Open in urlscan Pro 172.67.204.114 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

94 Requests

98 %HTTPS

22 %IPv6

22 Domains

26 Subdomains

27 IPs

5 Countries

3798 kBTransfer

10232 kBSize

13 Cookies

15 Outgoing links

Redirected requests

94 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

xhtgfgf98635467xyz12.btewq.workers.dev Open in urlscan Pro
172.67.204.114 Public Scan

Screenshot
Live screenshot

Full Image

94
Requests

98 %
HTTPS

22 %
IPv6

22
Domains

26
Subdomains

27
IPs

5
Countries

3798 kB
Transfer

10232 kB
Size

13
Cookies

94 HTTP transactions
0 data transactions