client.frcaptures.com Open in urlscan Pro
2606:4700::6813:fe12 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://client.frcaptures.com/
Submission: On August 13 via automatic, source certstream-suspicious (August 13th 2024, 11:25:01 pm UTC) — Scanned from DE

Summary HTTP 58 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 12 domains to perform 58 HTTP transactions. The main IP is 2606:4700::6813:fe12, located in United States and belongs to CLOUDFLARENET, US. The main domain is client.frcaptures.com.
TLS certificate: Issued by WE1 on August 13th 2024. Valid for: 3 months.

This is the only time client.frcaptures.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 34	2606:4700::68... 2606:4700::6813:fe12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:bdf::60 2620:1ec:bdf::60	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	20.57.85.160 20.57.85.160	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	13.74.129.1 13.74.129.1	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
58	13

34 2606:4700::6813:fe12 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

client.frcaptures.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.hd.pics	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.57.85.160 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.74.129.1 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	hd.pics media.hd.pics — Cisco Umbrella Rank: 745325	1 MB
11	frcaptures.com 1 redirects client.frcaptures.com	637 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1114 e.clarity.ms — Cisco Umbrella Rank: 18352 c.clarity.ms — Cisco Umbrella Rank: 1838	28 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110 ajax.googleapis.com — Cisco Umbrella Rank: 641	107 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	278 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	3 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6716	126 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 252	312 B
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3773
2	gstatic.com fonts.gstatic.com	53 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	75 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 341	770 B
58	12

	Domain	Requested by
23	media.hd.pics	client.frcaptures.com
11	client.frcaptures.com	1 redirects client.frcaptures.com
3	www.googletagmanager.com	client.frcaptures.com www.googletagmanager.com
3	ajax.googleapis.com	client.frcaptures.com
2	c.clarity.ms	1 redirects
2	e.clarity.ms	www.clarity.ms
2	www.facebook.com	client.frcaptures.com
2	www.google.de	client.frcaptures.com
2	stats.g.doubleclick.net	www.googletagmanager.com
2	region1.analytics.google.com	www.googletagmanager.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.clarity.ms	client.frcaptures.com www.clarity.ms
2	connect.facebook.net	client.frcaptures.com connect.facebook.net
2	fonts.googleapis.com	client.frcaptures.com ajax.googleapis.com
1	c.bing.com	1 redirects
58	15

This site contains no links.

Subject Issuer	Validity	Valid
client.frcaptures.com WE1	`2024-08-13` - `2024-11-11`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
hd.pics E6	`2024-06-19` - `2024-09-17`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-23` - `2024-08-21`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google.de WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://client.frcaptures.com/
Frame ID: 4F2974AAD3872D93AA1B29E029FEC20F
Requests: 56 HTTP requests in this frame

Frame: https://client.frcaptures.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/cc21665cd7b9/main.js
Frame ID: AED10E847CAE8DD130ED1530E7BCD222
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

List of Sites :: FR Captures

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

58
Requests

97 %
HTTPS

86 %
IPv6

12
Domains

15
Subdomains

13
IPs

4
Countries

2217 kB
Transfer

3909 kB
Size

15
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://client.frcaptures.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://client.frcaptures.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/cc21665cd7b9/main.js

Request Chain 53

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=998790A156B7404888F9ACCAE9062D13&RedC=c.clarity.ms&MXFR=1EE64C25F67F618B396B58FFF27F6F01 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=998790A156B7404888F9ACCAE9062D13&MUID=09026CE21B5B6C5F28EA78381A306DA1

58 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
client.frcaptures.com/ 80 KB
12 KB 676ms
595ms Document
text/html 2606:4700::6813:fe12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://client.frcaptures.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:fe12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49fa15333ad7955c66c14214ad1fd8f76e56cc6bf716e8da1a35b8179c6aaefd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 8b2c7608be2a1999-FRA
content-encoding: gzip
content-type: text/html
date: Tue, 13 Aug 2024 23:24:52 GMT
server: cloudflare
vary: Accept-Encoding
x-server: WEB108

GET
H2 200 css
fonts.googleapis.com/ 1 KB
876 B 52ms
17ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans

Requested by

Host: client.frcaptures.com
URL: https://client.frcaptures.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

beb761a0aff595ec9fa0d76354a16f4455fd3a5c827a3a2a881af72bf33778b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Aug 2024 23:24:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 13 Aug 2024 21:25:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Aug 2024 23:24:52 GMT

GET
H2 200 jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/base/ 35 KB
9 KB 43ms
8ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/base/jquery-ui.css

Requested by

Host: client.frcaptures.com
URL: https://client.frcaptures.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 14:11:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33200
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8324
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 14:11:32 GMT

GET
H2 200 all.min.css
client.frcaptures.com/art/fa/css/ 496 KB
133 KB 680ms
675ms Stylesheet
text/css 2606:4700::6813:fe12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://client.frcaptures.com/art/fa/css/all.min.css
Requested by: Host: client.frcaptures.com
URL: https://client.frcaptures.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:fe12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d021a48acc03b7693e91fa0b445e168fa768424fef3e5fb23ee28a130fcfe67

Request headers

Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 23:24:53 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 05 Oct 2023 17:58:21 GMT
server: cloudflare
etag: "13ee6187b5f7d91:0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=86400
x-server: WEB101
cf-ray: 8b2c760c98af1999-FRA
expires: Wed, 14 Aug 2024 23:24:53 GMT

GET
H2 200 main.css
client.frcaptures.com/art/ 34 KB
9 KB 490ms
485ms Stylesheet
text/css 2606:4700::6813:fe12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://client.frcaptures.com/art/main.css?v=303
Requested by: Host: client.frcaptures.com
URL: https://client.frcaptures.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:fe12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a87cd3eca3d1b0c5df6631e18049ab664f7911d0a8a31f8888d364f7642bb7b

Request headers

Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 23:24:53 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sat, 15 Jun 2024 04:26:48 GMT
server: cloudflare
etag: "162353ddcbeda1:0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=86400
x-server: WEB106
accept-ranges: bytes
cf-ray: 8b2c760c98b11999-FRA
content-length: 9313
expires: Wed, 14 Aug 2024 23:24:53 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
30 KB 48ms
16ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: client.frcaptures.com
URL: https://client.frcaptures.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 14:03:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33683
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 14:03:29 GMT

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/ 248 KB
67 KB 40ms
9ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js

Requested by

Host: client.frcaptures.com
URL: https://client.frcaptures.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 13:55:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34164
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67948
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 13:55:28 GMT

GET
H2 200 jquery.ui.touch-punch.min.js Show response
client.frcaptures.com/js/ 1 KB
1002 B 442ms
439ms Script
application/javascript 2606:4700::6813:fe12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://client.frcaptures.com/js/jquery.ui.touch-punch.min.js
Requested by: Host: client.frcaptures.com
URL: https://client.frcaptures.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:fe12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8eade09a5da8a542b96001c4b0d3b914ee3d735af46ef1a906be2dcae6724498

Request headers

Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 23:24:53 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 09 Apr 2021 15:48:09 GMT
server: cloudflare
etag: "199a73bd572dd71:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400
x-server: WEB108
accept-ranges: bytes
cf-ray: 8b2c760c98b21999-FRA
content-length: 809
expires: Wed, 14 Aug 2024 23:24:53 GMT

GET
H2 200 main.js Show response
client.frcaptures.com/js/ 128 KB
40 KB 576ms
573ms Script
application/javascript 2606:4700::6813:fe12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://client.frcaptures.com/js/main.js?v=303
Requested by: Host: client.frcaptures.com
URL: https://client.frcaptures.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:fe12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dcda96d9c6c823d5c598148a3b612d6860fe0f8cf05575c579192132018bd3a

Request headers

Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 23:24:53 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 01 Jul 2024 18:49:02 GMT
server: cloudflare
etag: "5f736557e7cbda1:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400
x-server: WEB103
accept-ranges: bytes
cf-ray: 8b2c760c98b31999-FRA
content-length: 41323
expires: Wed, 14 Aug 2024 23:24:53 GMT

GET
H2 200 apiv2.js Show response
client.frcaptures.com/js/ 12 KB
3 KB 468ms
465ms Script
application/javascript 2606:4700::6813:fe12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://client.frcaptures.com/js/apiv2.js?v=303
Requested by: Host: client.frcaptures.com
URL: https://client.frcaptures.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:fe12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8072c4a7a2bc59d0ee9488271c7e36229606533a6de4195f88f595f2b0a4d330

Request headers

Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 23:24:53 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 01 Jul 2024 18:49:02 GMT
server: cloudflare
etag: "ad841b57e7cbda1:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400
x-server: WEB102
accept-ranges: bytes
cf-ray: 8b2c760c98b41999-FRA
content-length: 2912
expires: Wed, 14 Aug 2024 23:24:53 GMT

GET
H2 200 snezeidw9k.png
media.hd.pics/1/ 494 KB
495 KB 722ms
678ms Image
image/png 2606:4700::6813:fe12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hd.pics/1/snezeidw9k.png
Requested by: Host: client.frcaptures.com
URL: https://client.frcaptures.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:fe12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f8634c20c836f1f32883ee1fb841a7661106d1f66d499786819172165823e6

Request headers

Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 23:24:53 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
allow-range: bytes
x-server: BOT06
content-disposition: filename=1/snezeidw9k.png
hd-source: w-v1
cf-ray: 8b2c760cdd13372f-FRA
content-length: 506071

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
60 KB 29ms
8ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: client.frcaptures.com
URL: https://client.frcaptures.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 13 Aug 2024 23:24:53 GMT
document-policy: force-load-at-top
x-fb-server-load: 35
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58865
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1328, tbw=2784, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: 8zyKlkDwAX8AidhnQn08OnHUITdg1bOpie5jorfdnDBG72yYJCoHqC7uihSrWxxUZDhnAmspG5vwoJPghplQ4A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 737 B
470 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

977b2ba617c26fc931319de6265247ebb115a6a53ca7f720405ab73b1783b48b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Aug 2024 23:24:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 13 Aug 2024 23:12:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Aug 2024 23:24:53 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 274 KB
94 KB 48ms
26ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PPLGFGK

Requested by

Host: client.frcaptures.com
URL: https://client.frcaptures.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0aee0131c197461c358cc78253b0d6bd47eedb0a1c08bf3a2fa17c0056a90078

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 23:24:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95352
x-xss-protection: 0
last-modified: Tue, 13 Aug 2024 21:59:01 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 13 Aug 2024 23:24:53 GMT

GET
H2 200 ks0vx48x2m Show response
www.clarity.ms/tag/ 638 B
1003 B 239ms
177ms Script
application/x-javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/ks0vx48x2m
Requested by: Host: client.frcaptures.com
URL: https://client.frcaptures.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: daf85bbf8ab7534c0a4d1bffc5e834cf5f9e7f2f71869bfb98d4fcbdc6fa9dd8

Request headers

Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
date: Tue, 13 Aug 2024 23:24:53 GMT
x-azure-ref: 20240813T232453Z-167f4bf9998mlmhw79vwfzxudw000000017000000000b689
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 638
expires: -1

GET
H2 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 44 KB
44 KB 31ms
9ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://client.frcaptures.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 22:15:31 GMT
x-content-type-options: nosniff
age: 90562
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45300
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Aug 2025 22:15:31 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 20ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://client.frcaptures.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 14:27:21 GMT
x-content-type-options: nosniff
age: 32252
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 14:27:21 GMT

GET
H2

200

main.js Show response
client.frcaptures.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/cc21665cd7b9/ Frame AED1
Redirect Chain

https://client.frcaptures.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://client.frcaptures.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/cc21665cd7b9/main.js?

8 KB
4 KB

16ms
13ms

Script
application/javascript

2606:4700::6813:fe12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.frcaptures.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/cc21665cd7b9/main.js?

Requested by

Host: client.frcaptures.com
URL: https://client.frcaptures.com/

Protocol

Server

2606:4700::6813:fe12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94673334b41e4dbb38b8e27fb932ce7c7f6ff40b0f4a4d798e5371de1b30296e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 23:24:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8b2c76109b181999-FRA

Redirect headers

date: Tue, 13 Aug 2024 23:24:53 GMT
server: cloudflare
vary: Accept-Encoding
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/cc21665cd7b9/main.js?
access-control-allow-origin: *
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8b2c76107b051999-FRA
content-length: 0

GET
H2 200 230469054215394 Show response
connect.facebook.net/signals/config/ 74 KB
15 KB 167ms
165ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/230469054215394?v=2.9.164&r=stable&domain=client.frcaptures.com&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f39dccf5bd7bd75b34316d013d587c84cca9b134a701ce8b18d96942d3c27800

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 13 Aug 2024 23:24:53 GMT
document-policy: force-load-at-top
x-fb-server-load: 28
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=10, rtx=0, c=64, mss=1328, tbw=64389, tp=-1, tpl=-1, uplat=158, ullat=0
pragma: public
x-fb-debug: B4c6OlswBGpmpai1lufaPySHqBLF6bJaM0xEKx5ihgSlpZVaxNGwqscQ3MXIHSWLF70RQirLA6USEBJlfwcjaA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 e140lsrkv1.jpg
media.hd.pics/2/ 22 KB
22 KB 335ms
330ms Image
image/jpeg 2606:4700::6813:fe12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hd.pics/2/e140lsrkv1.jpg
Requested by: Host: client.frcaptures.com
URL: https://client.frcaptures.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:fe12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2364f42f94e637f6220795aab04cc694b24bbdbf3e1109364bdc95bcdc0a9dc6

Request headers

Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 23:24:53 GMT
cf-cache-status: MISS
x-amz-request-id: 3AE7ED952FE8BCFD:B
content-length: 22027
x-amz-id-2: cZTUtJEhMDlkg7N82LfE86DjaUezlTrh4PpWFmNe9jBcOXD6Y5FAl4cMQ8mX+tBVGy+xzxQjegXH
last-modified: Sun, 11 Aug 2024 17:31:28 GMT
server: cloudflare
x-wasabi-cm-reference-id: 1723591493417 38.73.225.101 ConID:3460608/EngineConID:40138/Core:47
etag: "424f033b72da424d337653704642bd25"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
hd-source: w-v1
accept-ranges: bytes
cf-ray: 8b2c7610df8a372f-FRA
expires: Wed, 14 Aug 2024 23:24:53 GMT

GET
H2 200 nomedia.jpg
client.frcaptures.com/art/ 47 KB
47 KB 711ms
706ms Image
image/jpeg 2606:4700::6813:fe12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://client.frcaptures.com/art/nomedia.jpg
Requested by: Host: client.frcaptures.com
URL: https://client.frcaptures.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:fe12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2925a715e16c124a26c973aaec130948f5b7077a86d1b88157de2d3bdfec64c

Request headers

Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 23:24:53 GMT
cf-cache-status: MISS
last-modified: Fri, 05 Jan 2018 23:04:42 GMT
server: cloudflare
etag: "5ed74927986d31:0"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=86400
x-server: WEB106
accept-ranges: bytes
cf-ray: 8b2c7610db551999-FRA
content-length: 47825
expires: Wed, 14 Aug 2024 23:24:53 GMT

GET
H2 200 3muvql4iw8.jpg
media.hd.pics/2/ 21 KB
22 KB 327ms
322ms Image
image/jpeg 2606:4700::6813:fe12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hd.pics/2/3muvql4iw8.jpg
Requested by: Host: client.frcaptures.com
URL: https://client.frcaptures.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:fe12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cac00c1006ca836391724ee18cd37cd0778e97fb44daf0ea1de6f9bfe79be55

Request headers

Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 23:24:53 GMT
cf-cache-status: MISS
x-amz-request-id: BB0DAB86B7E7B8F8:B
content-length: 21827
x-amz-id-2: +DnhKYLETH9Dc7Xf+WaWUikdPW5p1KH+Uec49uX8y9LmU5qePoGo1/Y/A91VIWTfIrw0wWZmCS+0
last-modified: Fri, 09 Aug 2024 19:23:43 GMT
server: cloudflare
x-wasabi-cm-reference-id: 1723591493419 38.73.225.107 ConID:3430397/EngineConID:40114/Core:65
etag: "0b5874fad5de55cc8d52dd2740380898"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
hd-source: w-v1
accept-ranges: bytes
cf-ray: 8b2c7610df8b372f-FRA
expires: Wed, 14 Aug 2024 23:24:53 GMT

GET
H2 200 zpg9vsf6sk.jpg
media.hd.pics/2/ 5 KB
5 KB 349ms
344ms Image
image/jpeg 2606:4700::6813:fe12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hd.pics/2/zpg9vsf6sk.jpg
Requested by: Host: client.frcaptures.com
URL: https://client.frcaptures.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:fe12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e72ba610806eb08b9955c746940e1374e4f465b04d477961db9f6af8fa6575c2

Request headers

Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 23:24:53 GMT
cf-cache-status: MISS
x-amz-request-id: 9B2612CC101C4557:B
content-length: 5050
x-amz-id-2: qa4ak3KUMAqgRWQG0d7FXSQkjRwKpZaCAnp26oOBHItu0wyM/rEYY3a2YL9DqToo2jrykQyajaLt
last-modified: Mon, 01 Apr 2024 08:18:10 GMT
server: cloudflare
x-wasabi-cm-reference-id: 1723591493475 38.73.225.105 ConID:3690108/EngineConID:43044/Core:73
etag: "32aadb8780ddb766345f232bea2624ed"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
hd-source: w-v1
accept-ranges: bytes
cf-ray: 8b2c7610df8c372f-FRA
expires: Wed, 14 Aug 2024 23:24:53 GMT

GET
H2 200 tpj4q2bymw.jpg
media.hd.pics/2/ 28 KB
28 KB 337ms
332ms Image
image/jpeg 2606:4700::6813:fe12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hd.pics/2/tpj4q2bymw.jpg
Requested by: Host: client.frcaptures.com
URL: https://client.frcaptures.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:fe12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a17ab495fe333a84aa7a8285e63945c01a027e83d6a099cfda51f97601f0061

Request headers

Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 23:24:53 GMT
cf-cache-status: MISS
x-amz-request-id: 097E3511FA472AA9:A
content-length: 28197
x-amz-id-2: SdYd4TCGMtbkpUH+ynVNPrHWrovNQhWjMzvGHTKAq/Z6LxtnBuwlMl04nZRUrCP4cQ6sugIA3lMB
last-modified: Thu, 01 Aug 2024 17:42:41 GMT
server: cloudflare
x-wasabi-cm-reference-id: 1723591493420 38.73.225.101 ConID:3460613/EngineConID:39628/Core:15
etag: "830f0ae27ffd9163d0f8865a18346c6a"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
hd-source: w-v1
accept-ranges: bytes
cf-ray: 8b2c7610ef8f372f-FRA
expires: Wed, 14 Aug 2024 23:24:53 GMT

GET
H2 200 16iwgxbgzk.jpg
media.hd.pics/2/ 20 KB
21 KB 351ms
347ms Image
image/jpeg 2606:4700::6813:fe12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hd.pics/2/16iwgxbgzk.jpg
Requested by: Host: client.frcaptures.com
URL: https://client.frcaptures.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:fe12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 566a129d7903b5814c2cab45a5bda76eb58a04673b367a6b87ca6be14bebf935

Request headers

Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 23:24:53 GMT
cf-cache-status: MISS
x-amz-request-id: 4EDCD4769B7C822D:B
content-length: 20773
x-amz-id-2: VYcNY6vIWAVEuH3g2qjeVitw+5XXlIJzMCtCC9N58dJBZjZE8Uk/DAsMJ+ny1t+7cfjjCQfHbGff
last-modified: Tue, 30 Jul 2024 23:58:22 GMT
server: cloudflare
x-wasabi-cm-reference-id: 1723591493419 38.73.225.106 ConID:3430391/EngineConID:48955/Core:70
etag: "dde9aa1cef5bcebd02858f0e4868e45c"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
hd-source: w-v1
accept-ranges: bytes
cf-ray: 8b2c7610ef90372f-FRA
expires: Wed, 14 Aug 2024 23:24:53 GMT

GET
H2 200 wg82yan1lg.jpg
media.hd.pics/2/ 30 KB
30 KB 410ms
406ms Image
image/jpeg 2606:4700::6813:fe12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hd.pics/2/wg82yan1lg.jpg
Requested by: Host: client.frcaptures.com
URL: https://client.frcaptures.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:fe12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53c785e2d335ef95c7d806a911a3e37fda557051c8f8a51d4f7dec46b5d3b95a

Request headers

Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 23:24:53 GMT
cf-cache-status: MISS
x-amz-request-id: 595959339C95ACB1:A
content-length: 30300
x-amz-id-2: V/JBkt0cCHJ3CtO79/BKmAXiT4ojvKb44sIS9s7VNAuxUGptco+HGooydtNEn+jKqx1Nb2bZCOgp
last-modified: Thu, 25 Jul 2024 20:03:54 GMT
server: cloudflare
x-wasabi-cm-reference-id: 1723591493428 38.73.225.106 ConID:3430409/EngineConID:47729/Core:48
etag: "3cae1051d21ed4cc8ad9923344b09551"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
hd-source: w-v1
accept-ranges: bytes
cf-ray: 8b2c7610ef93372f-FRA
expires: Wed, 14 Aug 2024 23:24:53 GMT

GET
H2 200 zo7r4bzois.jpg
media.hd.pics/2/ 2 KB
2 KB 253ms
249ms Image
image/jpeg 2606:4700::6813:fe12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hd.pics/2/zo7r4bzois.jpg
Requested by: Host: client.frcaptures.com
URL: https://client.frcaptures.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:fe12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96d02b6c66fb8381838b373fa84c5fc16e2c5e9b151962d1fe48dd8bbb66dded

Request headers

Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 23:24:53 GMT
cf-cache-status: MISS
x-amz-request-id: D5057E7730603050:A
content-length: 2152
x-amz-id-2: 0A8orAoScZOXjYvdr7Vb3ibi6c58y+1NTCRbAOFNnQwRC+DLWEY47NR3VT0NWPocL/wm7+xD4JWJ
last-modified: Fri, 05 Jul 2024 12:08:18 GMT
server: cloudflare
x-wasabi-cm-reference-id: 1723591493418 38.73.225.100 ConID:3460611/EngineConID:49690/Core:12
etag: "89c4c5ff258cb683fa166ffefa5dd47d"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
hd-source: w-v1
accept-ranges: bytes
cf-ray: 8b2c7610ef95372f-FRA
expires: Wed, 14 Aug 2024 23:24:53 GMT

GET
H2 200 jlbcsgf9o1.jpg
media.hd.pics/2/ 22 KB
22 KB 451ms
447ms Image
image/jpeg 2606:4700::6813:fe12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hd.pics/2/jlbcsgf9o1.jpg
Requested by: Host: client.frcaptures.com
URL: https://client.frcaptures.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:fe12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d63a3aab1e9fb35db759b6a937dc6bb7de58246323017ce630a790ab54eb94c

Request headers

Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 23:24:53 GMT
cf-cache-status: MISS
x-amz-request-id: 74D5C4C80344F262:B
content-length: 22280
x-amz-id-2: 6eTULyjgk03n6a9+XVa7hj4bFilmyMQCM2Rk64yZPrFMZGPM9/Vse8AQqGHRsco+9mJXUC71f3g+
last-modified: Wed, 31 Jul 2024 13:33:01 GMT
server: cloudflare
x-wasabi-cm-reference-id: 1723591493485 38.73.225.105 ConID:3690117/EngineConID:43772/Core:5
etag: "42b0664968c8bd66c1051d51be6f8c8e"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
hd-source: w-v1
accept-ranges: bytes
cf-ray: 8b2c7610ef96372f-FRA
expires: Wed, 14 Aug 2024 23:24:53 GMT

GET
H2 200 w92ha2k866.jpg
media.hd.pics/2/ 3 KB
4 KB 255ms
252ms Image
image/jpeg 2606:4700::6813:fe12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hd.pics/2/w92ha2k866.jpg
Requested by: Host: client.frcaptures.com
URL: https://client.frcaptures.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:fe12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 682c53796f592b977d1d43b00fefdf269300d45ccfdd0fcf3d8bdf55951bb158

Request headers

Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 23:24:53 GMT
cf-cache-status: MISS
x-amz-request-id: E049687E8B9A78F2:A
content-length: 3367
x-amz-id-2: haorJQ3wilxKMFGMSIA+nBJx6YQX2TRxQhCjWscv6XKRb3D861buguxgvGOYUClRiGpmEd+Z6MNt
last-modified: Thu, 06 Apr 2023 13:50:54 GMT
server: cloudflare
x-wasabi-cm-reference-id: 1723591493420 38.73.225.105 ConID:3690076/EngineConID:42214/Core:45
etag: "92dd29660585b45bbce92b97d14fee96"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
hd-source: w-v1
accept-ranges: bytes
cf-ray: 8b2c7610ef97372f-FRA
expires: Wed, 14 Aug 2024 23:24:53 GMT

GET
H2 200 rh5yer18fj.jpg
media.hd.pics/2/ 33 KB
34 KB 439ms
435ms Image
image/jpeg 2606:4700::6813:fe12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hd.pics/2/rh5yer18fj.jpg
Requested by: Host: client.frcaptures.com
URL: https://client.frcaptures.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:fe12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ae74943aa7ed2b29fdf1ddb7fadde63aa647e51ab97c4207b335d059b99928c

Request headers

Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 23:24:53 GMT
cf-cache-status: MISS
x-amz-request-id: C29A572A307AC08C:A
content-length: 34172
x-amz-id-2: nLYXseXesKRxUAN8ZHDEfOxrCLEhM76wb87mgfxy+pDqY0Q+Fap+AhFkC0oi431ZGFd2TIEGXMki
last-modified: Wed, 17 Jul 2024 23:38:00 GMT
server: cloudflare
x-wasabi-cm-reference-id: 1723591493477 38.73.225.104 ConID:3690114/EngineConID:52241/Core:2
etag: "7f3fad09030a82e2a7eeb43aff21f1df"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
hd-source: w-v1
accept-ranges: bytes
cf-ray: 8b2c7610efa1372f-FRA
expires: Wed, 14 Aug 2024 23:24:53 GMT

GET
H2 200 aj8bpnl9ik.jpg
media.hd.pics/2/ 2 KB
2 KB 243ms
240ms Image
image/jpeg 2606:4700::6813:fe12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hd.pics/2/aj8bpnl9ik.jpg
Requested by: Host: client.frcaptures.com
URL: https://client.frcaptures.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:fe12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 912705da6ba772cfba892ac54565a698d55e431a8a1bf5884221782e75bbb7a8

Request headers

Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 23:24:53 GMT
cf-cache-status: MISS
x-amz-request-id: D8A31C60BE28D1DF:A
content-length: 2201
x-amz-id-2: rgQ4huunlcknSJL3C6heQOADcyw/w1tVd1O6EWwl1rMl2ezpddSCHRMo6FbIjnpYckdHKgSWEOje
last-modified: Wed, 17 Apr 2024 19:31:00 GMT
server: cloudflare
x-wasabi-cm-reference-id: 1723591493418 38.73.225.100 ConID:3460610/EngineConID:50418/Core:10
etag: "2fa7b94d1b9e71f5111e4db7a4cdd6bc"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
hd-source: w-v1
accept-ranges: bytes
cf-ray: 8b2c7610ef9c372f-FRA
expires: Wed, 14 Aug 2024 23:24:53 GMT

GET
H2 200 v1kjzdlwk7.jpg
media.hd.pics/2/ 33 KB
33 KB 389ms
386ms Image
image/jpeg 2606:4700::6813:fe12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hd.pics/2/v1kjzdlwk7.jpg
Requested by: Host: client.frcaptures.com
URL: https://client.frcaptures.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:fe12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e4e9efc0b79350649ef7169e30255d58d8e5527451932e456277a8fd83825a2

Request headers

Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 23:24:53 GMT
cf-cache-status: MISS
x-amz-request-id: FAECC9FFC4258F2A:A
content-length: 33794
x-amz-id-2: S60NfeaSRJrgOZCq5h3w+q6/4imasedJWZDpHIDmruBSBen92YSNFnYtExZSfI5OKHYnu8WTZG+D
last-modified: Sat, 13 Jul 2024 18:17:36 GMT
server: cloudflare
x-wasabi-cm-reference-id: 1723591493430 38.73.225.105 ConID:3690077/EngineConID:42611/Core:79
etag: "0b41b10bd72e1b0cd8ec1c462a5a46e2"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
hd-source: w-v1
accept-ranges: bytes
cf-ray: 8b2c7610efa0372f-FRA
expires: Wed, 14 Aug 2024 23:24:53 GMT

GET
H2 200 5ypf5libue.jpg
media.hd.pics/2/ 14 KB
14 KB 388ms
385ms Image
image/jpeg 2606:4700::6813:fe12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hd.pics/2/5ypf5libue.jpg
Requested by: Host: client.frcaptures.com
URL: https://client.frcaptures.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:fe12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cb9e1f23c30c0118c59355e310dc733f41ff07dac18e254c5a8a388e01f37f7

Request headers

Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 23:24:53 GMT
cf-cache-status: MISS
x-amz-request-id: C5E2E07285927661:A
content-length: 14118
x-amz-id-2: MpsR3zj5LSsxR2xFM82PSAxlYqBSkcfGilzislUcH6uuT/2sNweIAmDzN3cWvSJweRYT6aXYWbaH
last-modified: Thu, 04 Jul 2024 18:29:29 GMT
server: cloudflare
x-wasabi-cm-reference-id: 1723591493419 38.73.225.102 ConID:3577320/EngineConID:51150/Core:60
etag: "0bb6c46e9a6fafec791af164e0ff4653"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
hd-source: w-v1
accept-ranges: bytes
cf-ray: 8b2c7610efa4372f-FRA
expires: Wed, 14 Aug 2024 23:24:53 GMT

GET
H2 200 8sue40ldpl.jpg
media.hd.pics/2/ 37 KB
37 KB 452ms
450ms Image
image/jpeg 2606:4700::6813:fe12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hd.pics/2/8sue40ldpl.jpg
Requested by: Host: client.frcaptures.com
URL: https://client.frcaptures.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:fe12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df3772dd91cf8a556c01fb6e2207b36e5e811043996031c41e94d7c1ee56ab30

Request headers

Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 23:24:53 GMT
cf-cache-status: MISS
x-amz-request-id: 8E60E4C96344AE99:B
content-length: 37680
x-amz-id-2: 8s2DxbdQL/V9GRrB2HYpE88gcNdoBQE2A763lGF6lRVOnu74uqR28aFu/XqFuBG2IRfmiNffk9I5
last-modified: Wed, 10 Jul 2024 21:53:20 GMT
server: cloudflare
x-wasabi-cm-reference-id: 1723591493474 38.73.225.103 ConID:3577343/EngineConID:41745/Core:69
etag: "16b3d14747738166acc75387d78fc1f7"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
hd-source: w-v1
accept-ranges: bytes
cf-ray: 8b2c7610ef9f372f-FRA
expires: Wed, 14 Aug 2024 23:24:53 GMT

GET
H2 200 vd5i4b9zjm.jpg
media.hd.pics/2/ 40 KB
40 KB 338ms
336ms Image
image/jpeg 2606:4700::6813:fe12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hd.pics/2/vd5i4b9zjm.jpg
Requested by: Host: client.frcaptures.com
URL: https://client.frcaptures.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:fe12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e0efdfecbdfc352742e7b2937fd11e649d9bf50161cb94d4159940e8576dcd9

Request headers

Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 23:24:53 GMT
cf-cache-status: MISS
x-amz-request-id: 2AB2C37D15CFC196:A
content-length: 40919
x-amz-id-2: MfkM862vv0wK6DKM68/gG8x+E9UZV8tYLMo/cGJGZqwrVbWOKUM3GTgpKUyej2N2imPdPZ8DxCWa
last-modified: Tue, 16 Jul 2024 13:35:15 GMT
server: cloudflare
x-wasabi-cm-reference-id: 1723591493419 38.73.225.106 ConID:3430393/EngineConID:50033/Core:14
etag: "764433e04f1d0ea34ecec32fb6043d9f"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
hd-source: w-v1
accept-ranges: bytes
cf-ray: 8b2c7610efa5372f-FRA
expires: Wed, 14 Aug 2024 23:24:53 GMT

GET
H2 200 oadlarg63u.jpg
media.hd.pics/2/ 25 KB
25 KB 417ms
415ms Image
image/jpeg 2606:4700::6813:fe12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hd.pics/2/oadlarg63u.jpg
Requested by: Host: client.frcaptures.com
URL: https://client.frcaptures.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:fe12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4717e5b6befcdf15b0d0b190d8ce072e6699aa783545914765ad76ac6871e84f

Request headers

Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 23:24:53 GMT
cf-cache-status: MISS
x-amz-request-id: 758DA532F838600F:B
content-length: 25683
x-amz-id-2: rpgKTwDjLCgsakCBInxlOFRkSF+FhxE4k0fBgqErBXnfWa3TMu9IMiFOvl0Y+QN/S4BRDCvirqyQ
last-modified: Tue, 09 Jul 2024 14:29:57 GMT
server: cloudflare
x-wasabi-cm-reference-id: 1723591493419 38.73.225.101 ConID:3460612/EngineConID:39068/Core:63
etag: "12448dbd806b1d1ca2e2d63d265b7847"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
hd-source: w-v1
accept-ranges: bytes
cf-ray: 8b2c7610efa2372f-FRA
expires: Wed, 14 Aug 2024 23:24:53 GMT

GET
H2 200 bp5d1clpfk.jpg
media.hd.pics/2/ 28 KB
29 KB 448ms
446ms Image
image/jpeg 2606:4700::6813:fe12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hd.pics/2/bp5d1clpfk.jpg
Requested by: Host: client.frcaptures.com
URL: https://client.frcaptures.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:fe12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a687bc82fc13ff28b58172b04af58225efdb83a928cd7232ba9ae29979f77620

Request headers

Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 23:24:53 GMT
cf-cache-status: MISS
x-amz-request-id: 4942668A5F119871:A
content-length: 28936
x-amz-id-2: Uw6cRYoGU54TqIVShSYrrhlFbrA9gNXICo8k5sVhdKbbWz25UO+ARvlI8ElnD/AeFBVsjGHUi7oF
last-modified: Tue, 09 Jul 2024 14:58:02 GMT
server: cloudflare
x-wasabi-cm-reference-id: 1723591493474 38.73.225.103 ConID:3577344/EngineConID:40952/Core:9
etag: "2592e21adae580be54db5bc95ab0852f"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
hd-source: w-v1
accept-ranges: bytes
cf-ray: 8b2c7610ef9b372f-FRA
expires: Wed, 14 Aug 2024 23:24:53 GMT

GET
H2 200 cl1stcmkc6.jpg
media.hd.pics/2/ 31 KB
31 KB 345ms
343ms Image
image/jpeg 2606:4700::6813:fe12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hd.pics/2/cl1stcmkc6.jpg
Requested by: Host: client.frcaptures.com
URL: https://client.frcaptures.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:fe12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a91098c42fe567988a59936113114aa31267487419cc3a62019b24e6cb72a44

Request headers

Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 23:24:53 GMT
cf-cache-status: MISS
x-amz-request-id: B00E4A689AC314B6:B
content-length: 31952
x-amz-id-2: WPpJnRUjVCl3XVO786lylTrzRsgD0PC7hC2SmD0GGDkYXHWApPV5sydVUgteepwhSiKABWSMdlaK
last-modified: Mon, 08 Jul 2024 15:56:13 GMT
server: cloudflare
x-wasabi-cm-reference-id: 1723591493417 38.73.225.103 ConID:3577319/EngineConID:41129/Core:21
etag: "9b5c921483e4020fd3dba870a8433409"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
hd-source: w-v1
accept-ranges: bytes
cf-ray: 8b2c7610ef9d372f-FRA
expires: Wed, 14 Aug 2024 23:24:53 GMT

GET
H2 200 h0sahxze94.jpg
media.hd.pics/2/ 35 KB
35 KB 353ms
352ms Image
image/jpeg 2606:4700::6813:fe12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hd.pics/2/h0sahxze94.jpg
Requested by: Host: client.frcaptures.com
URL: https://client.frcaptures.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:fe12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c358790ae718c0e8d01f995be786c84fb0b416d2a34cb553a04813ab84bed6c6

Request headers

Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 23:24:53 GMT
cf-cache-status: MISS
x-amz-request-id: 6A219C309A44AB60:A
content-length: 35418
x-amz-id-2: 5Q0bOi6OZwPzz3Ty4o7M/in9PEHSXe+QQ7TIou5dfv3PEDQZss8yAuK9f7Kg3oGYMbKr/I6ahDIr
last-modified: Sat, 22 Jun 2024 19:37:03 GMT
server: cloudflare
x-wasabi-cm-reference-id: 1723591493419 38.73.225.106 ConID:3430392/EngineConID:49587/Core:12
etag: "04318b7d41a84ab38ffa5a48c316e5be"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
hd-source: w-v1
accept-ranges: bytes
cf-ray: 8b2c7610efa3372f-FRA
expires: Wed, 14 Aug 2024 23:24:53 GMT

GET
H2 200 1y4sufzqfg.jpg
media.hd.pics/2/ 4 KB
4 KB 262ms
261ms Image
image/jpeg 2606:4700::6813:fe12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hd.pics/2/1y4sufzqfg.jpg
Requested by: Host: client.frcaptures.com
URL: https://client.frcaptures.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:fe12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b69c614c1f2e711837c65a477dc7cd8dcbb9ce1a2c3edb2a54ad343a3d87a5b

Request headers

Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 23:24:53 GMT
cf-cache-status: MISS
x-amz-request-id: 866A5F9FADE9E5B4:A
content-length: 4162
x-amz-id-2: zyvuZjtyOE7sI5HOyyFSXy/yHWtjzFKt9wLa9XAFfpfmb6KHWQNn5GUbv4wMxPsyX4yxpmsqcldZ
last-modified: Fri, 26 Jul 2024 01:44:16 GMT
server: cloudflare
x-wasabi-cm-reference-id: 1723591493419 38.73.225.102 ConID:3577322/EngineConID:49820/Core:76
etag: "a4b8afb91ccacc16b2a872c11ba9e7c5"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
hd-source: w-v1
accept-ranges: bytes
cf-ray: 8b2c7610efa7372f-FRA
expires: Wed, 14 Aug 2024 23:24:53 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 265 KB
93 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MWE46F19LM&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPLGFGK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

289fb220e5b18c8d43e11fa9398501d5c206c1e11a7910f8776ea2a74454b338

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 23:24:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95221
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 13 Aug 2024 23:24:53 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 263 KB
92 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PC2TQ5FC02&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPLGFGK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a6c58f6eff7f9c739d114a660c7f6f7eb33c5c1bc9077425f64c79e513d8c614

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 23:24:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93937
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 13 Aug 2024 23:24:53 GMT

POST
H2 200 8b2c7608be2a1999 Show response
client.frcaptures.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame AED1 0
364 B 48ms
44ms XHR
text/plain 2606:4700::6813:fe12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://client.frcaptures.com/cdn-cgi/challenge-platform/h/b/jsd/r/8b2c7608be2a1999
Requested by: Host: client.frcaptures.com
URL: https://client.frcaptures.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:fe12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 13 Aug 2024 23:24:53 GMT
server: cloudflare
cf-ray: 8b2c76118bc61999-FRA
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 fa-regular-400.woff2
client.frcaptures.com/art/fa/webfonts/ 386 KB
387 KB 734ms
733ms Font
font/woff2 2606:4700::6813:fe12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://client.frcaptures.com/art/fa/webfonts/fa-regular-400.woff2
Requested by: Host: client.frcaptures.com
URL: https://client.frcaptures.com/art/fa/css/all.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:fe12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b85c4d4bcb7be039d30281d940426203622394a85d4cd2b43048b57a924a7d51

Request headers

Referer: https://client.frcaptures.com/art/fa/css/all.min.css
Origin: https://client.frcaptures.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 23:24:54 GMT
cf-cache-status: MISS
last-modified: Thu, 05 Oct 2023 19:22:21 GMT
server: cloudflare
etag: "2b1a643c1f7d91:0"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=86400
x-server: WEB104
accept-ranges: bytes
cf-ray: 8b2c7611cc131999-FRA
content-length: 395444
expires: Wed, 14 Aug 2024 23:24:53 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 41ms
14ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-MWE46F19LM&gtm=45je48c0v9123082311z89119306395za200zb9119306395&_p=1723591493152&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1424212143.1723591494&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1723591493&sct=1&seg=0&dl=https%3A%2F%2Fclient.frcaptures.com%2F&dt=List%20of%20Sites%20%3A%3A%20FR%20Captures&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1902
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MWE46F19LM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 23:24:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://client.frcaptures.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 67ms
23ms Ping
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-MWE46F19LM&cid=1424212143.1723591494&gtm=45je48c0v9123082311z89119306395za200zb9119306395&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MWE46F19LM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 23:24:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://client.frcaptures.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 36ms
19ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-MWE46F19LM&cid=1424212143.1723591494&gtm=45je48c0v9123082311z89119306395za200zb9119306395&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=1913917729

Requested by

Host: client.frcaptures.com
URL: https://client.frcaptures.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 23:24:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 14ms
14ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-PC2TQ5FC02&gtm=45je48c0v9119313763z89119306395za200zb9119306395&_p=1723591493152&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1424212143.1723591494&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1723591493&sct=1&seg=0&dl=https%3A%2F%2Fclient.frcaptures.com%2F&dt=List%20of%20Sites%20%3A%3A%20FR%20Captures&en=page_view&_fv=1&_ss=1&tfd=1930
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PC2TQ5FC02&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 23:24:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://client.frcaptures.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
258 B 40ms
23ms Ping
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-PC2TQ5FC02&cid=1424212143.1723591494&gtm=45je48c0v9119313763z89119306395za200zb9119306395&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PC2TQ5FC02&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 23:24:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://client.frcaptures.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 19ms
19ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-PC2TQ5FC02&cid=1424212143.1723591494&gtm=45je48c0v9119313763z89119306395za200zb9119306395&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=278772837

Requested by

Host: client.frcaptures.com
URL: https://client.frcaptures.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 23:24:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.41/ 62 KB
26 KB 22ms
21ms Script
application/javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.41/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/ks0vx48x2m
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 63bb2e926bb71d9af20024a237718b3cbd8bcb03af6fe3510132024571005f69

Request headers

Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 23:24:53 GMT
content-encoding: br
last-modified: Thu, 01 Aug 2024 19:54:07 GMT
etag: W/"0x8DCB263B4239D88"
vary: Accept-Encoding
x-azure-ref: 20240813T232453Z-167f4bf9998mlmhw79vwfzxudw000000017000000000b694
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 510baef2-d01e-0018-23b9-e8f1bc000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 40ms
8ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=230469054215394&ev=PageView&dl=https%3A%2F%2Fclient.frcaptures.com%2F&rl=&if=false&ts=1723591493847&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723591493844.915371085905929466&cs_est=true&ler=empty&cdl=API_unavailable&it=1723591493223&coo=false&exp=f0&rqm=GET

Requested by

Host: client.frcaptures.com
URL: https://client.frcaptures.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=2790, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 13 Aug 2024 23:24:53 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 174ms
143ms Image
image/png 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=230469054215394&ev=PageView&dl=https%3A%2F%2Fclient.frcaptures.com%2F&rl=&if=false&ts=1723591493847&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723591493844.915371085905929466&cs_est=true&ler=empty&cdl=API_unavailable&it=1723591493223&coo=false&exp=f0&rqm=FGET

Requested by

Host: client.frcaptures.com
URL: https://client.frcaptures.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xaf737c19ce864847","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["24:6201277026650980","7830:6201277026650980","10853:6201277026650980","41:6201277026650980","8046:6201277026650980"]},"debug_reporting":true,"debug_key":"1"}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Tue, 13 Aug 2024 23:24:54 GMT
x-fb-server-load: 26
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7402769095703023279", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=3107, tp=-1, tpl=-1, uplat=135, ullat=0
pragma: no-cache
x-fb-debug: vLjW5mI+vd2NYTqTwBscNJfDOsr5U1jFdh0N+8DmEc6oN7MGaaw8q50xSYVYxSErDwMnWaAm1TViUbq2bdFU/g==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7402769095703023279"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
e.clarity.ms/ 0
285 B 400ms
193ms XHR
text/plain 20.57.85.160
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.41/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.57.85.160 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://client.frcaptures.com
Date: Tue, 13 Aug 2024 23:24:54 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=998790A156B7404888F9ACCAE9062D13&RedC=c.clarity.ms&MXFR=1EE64C25F67F618B396B58FFF27F6F01
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=998790A156B7404888F9ACCAE9062D13&MUID=09026CE21B5B6C5F28EA78381A306DA1

42 B
466 B

27ms
27ms

Image
image/gif

13.74.129.1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=998790A156B7404888F9ACCAE9062D13&MUID=09026CE21B5B6C5F28EA78381A306DA1
Protocol: H2
Server: 13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 23:24:54 GMT
last-modified: Thu, 01 Aug 2024 17:45:27 GMT
server: Microsoft-IIS/10.0
etag: "43fd8f983ae4da1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 13 Aug 2024 23:24:54 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9446E1AD9A73417F9857B562FD790A83 Ref B: FRAEDGE1407 Ref C: 2024-08-13T23:24:54Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=998790A156B7404888F9ACCAE9062D13&MUID=09026CE21B5B6C5F28EA78381A306DA1
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 vqo5j0u4ku.png
media.hd.pics/1/ 100 KB
101 KB 683ms
683ms Other
image/png 2606:4700::6813:fe12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://media.hd.pics/1/vqo5j0u4ku.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:fe12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfe61bced83d1bab6fc9a278ff11531fc0ad2bc7864e1a3c5a7ea220747cbe99

Request headers

Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 23:24:55 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
allow-range: bytes
x-server: BOT06
content-disposition: filename=1/vqo5j0u4ku.png
hd-source: w-v1
cf-ray: 8b2c761a1f06372f-FRA
content-length: 102787

POST
H/1.1 204
No Content collect Show response
e.clarity.ms/ 0
285 B 99ms
97ms XHR
text/plain 20.57.85.160
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.41/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.57.85.160 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://client.frcaptures.com
Date: Tue, 13 Aug 2024 23:24:55 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2 200 vqo5j0u4ku.png
media.hd.pics/1/ 100 KB
0 0ms
0ms Other
image/png 2606:4700::6813:fe12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://media.hd.pics/1/vqo5j0u4ku.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:fe12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfe61bced83d1bab6fc9a278ff11531fc0ad2bc7864e1a3c5a7ea220747cbe99

Request headers

Referer: https://client.frcaptures.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 23:24:55 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
allow-range: bytes
x-server: BOT06
content-disposition: filename=1/vqo5j0u4ku.png
hd-source: w-v1
cf-ray: 8b2c761a1f06372f-FRA
content-length: 102787

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.client.frcaptures.com/	1970-01-21 07:32:07	Name: sid2 Value: F0B276FDB083421FAAC3F549DB8D7CCD
.frcaptures.com/	1970-01-21 00:56:07	Name: _gcl_au Value: 1.1.2035826955.1723591493
www.clarity.ms/	1970-01-21 07:32:07	Name: CLID Value: b2f2067d9bd64e94aeb45640adabe319.20240813.20250813
.client.frcaptures.com/	1970-01-21 07:32:07	Name: cf_clearance Value: 8TOBjuAViZLFAhts._NzXITUBZrxEYH5ymAP4CTvP4s-1723591493-1.0.1.1-EiVdid57dwW0WNzbuGIvrzeZHf9ClRd1AtbzV5_jt4gYv5PqGWdwpi6pkUe5CnUL0LMjTHWFv2X.o.T0e6pmzg
.frcaptures.com/	1970-01-21 08:22:31	Name: _ga_MWE46F19LM Value: GS1.1.1723591493.1.0.1723591493.60.0.0
.frcaptures.com/	1970-01-21 08:22:31	Name: _ga Value: GA1.1.1424212143.1723591494
.frcaptures.com/	1970-01-21 08:22:31	Name: _ga_PC2TQ5FC02 Value: GS1.1.1723591493.1.0.1723591493.60.0.0
.frcaptures.com/	1970-01-21 00:56:07	Name: _fbp Value: fb.1.1723591493844.915371085905929466
.bing.com/	1970-01-21 08:08:07	Name: MUID Value: 09026CE21B5B6C5F28EA78381A306DA1
.c.bing.com/	1970-01-20 22:56:36	Name: MR Value: 0
.c.bing.com/	1970-01-21 08:08:07	Name: SRM_B Value: 09026CE21B5B6C5F28EA78381A306DA1
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 08:08:07	Name: MUID Value: 09026CE21B5B6C5F28EA78381A306DA1
.c.clarity.ms/	1970-01-20 22:56:36	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 22:46:32	Name: ANONCHK Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://client.frcaptures.com/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
c.bing.com
c.clarity.ms
client.frcaptures.com
connect.facebook.net
e.clarity.ms
fonts.googleapis.com
fonts.gstatic.com
media.hd.pics
region1.analytics.google.com
stats.g.doubleclick.net
www.clarity.ms
www.facebook.com
www.google.de
www.googletagmanager.com
13.74.129.1
20.57.85.160
2001:4860:4802:32::36
2606:4700::6813:fe12
2620:1ec:bdf::60
2620:1ec:c11::237
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:827::2008
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2003
2a00:1450:400c:c0c::9b
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
08f8634c20c836f1f32883ee1fb841a7661106d1f66d499786819172165823e6
0aee0131c197461c358cc78253b0d6bd47eedb0a1c08bf3a2fa17c0056a90078
0e0efdfecbdfc352742e7b2937fd11e649d9bf50161cb94d4159940e8576dcd9
1cac00c1006ca836391724ee18cd37cd0778e97fb44daf0ea1de6f9bfe79be55
2364f42f94e637f6220795aab04cc694b24bbdbf3e1109364bdc95bcdc0a9dc6
289fb220e5b18c8d43e11fa9398501d5c206c1e11a7910f8776ea2a74454b338
2b69c614c1f2e711837c65a477dc7cd8dcbb9ce1a2c3edb2a54ad343a3d87a5b
3d021a48acc03b7693e91fa0b445e168fa768424fef3e5fb23ee28a130fcfe67
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0
4717e5b6befcdf15b0d0b190d8ce072e6699aa783545914765ad76ac6871e84f
49fa15333ad7955c66c14214ad1fd8f76e56cc6bf716e8da1a35b8179c6aaefd
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
53c785e2d335ef95c7d806a911a3e37fda557051c8f8a51d4f7dec46b5d3b95a
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
566a129d7903b5814c2cab45a5bda76eb58a04673b367a6b87ca6be14bebf935
5a87cd3eca3d1b0c5df6631e18049ab664f7911d0a8a31f8888d364f7642bb7b
63bb2e926bb71d9af20024a237718b3cbd8bcb03af6fe3510132024571005f69
682c53796f592b977d1d43b00fefdf269300d45ccfdd0fcf3d8bdf55951bb158
6ae74943aa7ed2b29fdf1ddb7fadde63aa647e51ab97c4207b335d059b99928c
6d63a3aab1e9fb35db759b6a937dc6bb7de58246323017ce630a790ab54eb94c
6dcda96d9c6c823d5c598148a3b612d6860fe0f8cf05575c579192132018bd3a
7a91098c42fe567988a59936113114aa31267487419cc3a62019b24e6cb72a44
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8072c4a7a2bc59d0ee9488271c7e36229606533a6de4195f88f595f2b0a4d330
8eade09a5da8a542b96001c4b0d3b914ee3d735af46ef1a906be2dcae6724498
912705da6ba772cfba892ac54565a698d55e431a8a1bf5884221782e75bbb7a8
94673334b41e4dbb38b8e27fb932ce7c7f6ff40b0f4a4d798e5371de1b30296e
96d02b6c66fb8381838b373fa84c5fc16e2c5e9b151962d1fe48dd8bbb66dded
977b2ba617c26fc931319de6265247ebb115a6a53ca7f720405ab73b1783b48b
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a17ab495fe333a84aa7a8285e63945c01a027e83d6a099cfda51f97601f0061
9cb9e1f23c30c0118c59355e310dc733f41ff07dac18e254c5a8a388e01f37f7
9e4e9efc0b79350649ef7169e30255d58d8e5527451932e456277a8fd83825a2
a687bc82fc13ff28b58172b04af58225efdb83a928cd7232ba9ae29979f77620
a6c58f6eff7f9c739d114a660c7f6f7eb33c5c1bc9077425f64c79e513d8c614
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b85c4d4bcb7be039d30281d940426203622394a85d4cd2b43048b57a924a7d51
beb761a0aff595ec9fa0d76354a16f4455fd3a5c827a3a2a881af72bf33778b3
bfe61bced83d1bab6fc9a278ff11531fc0ad2bc7864e1a3c5a7ea220747cbe99
c2925a715e16c124a26c973aaec130948f5b7077a86d1b88157de2d3bdfec64c
c358790ae718c0e8d01f995be786c84fb0b416d2a34cb553a04813ab84bed6c6
daf85bbf8ab7534c0a4d1bffc5e834cf5f9e7f2f71869bfb98d4fcbdc6fa9dd8
df3772dd91cf8a556c01fb6e2207b36e5e811043996031c41e94d7c1ee56ab30
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e72ba610806eb08b9955c746940e1374e4f465b04d477961db9f6af8fa6575c2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f39dccf5bd7bd75b34316d013d587c84cca9b134a701ce8b18d96942d3c27800
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

client.frcaptures.com Open in urlscan Pro 2606:4700::6813:fe12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

58 Requests

97 %HTTPS

86 %IPv6

12 Domains

15 Subdomains

13 IPs

4 Countries

2217 kBTransfer

3909 kBSize

15 Cookies

0 Outgoing links

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

client.frcaptures.com Open in urlscan Pro
2606:4700::6813:fe12 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

97 %
HTTPS

86 %
IPv6

12
Domains

15
Subdomains

13
IPs

4
Countries

2217 kB
Transfer

3909 kB
Size

15
Cookies

58 HTTP transactions
0 data transactions