fdqwmw.top Open in urlscan Pro
2a06:98c1:3121::7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://fdqwmw.top/UAeBHGkm/copeccl/?_t=1649184432408#1649184900547
Effective URL:
https://fdqwmw.top/UAeBHGkm/copeccl/?_t=1649184432408
Submission: On April 05 via manual (April 5th 2022, 6:58:06 pm UTC) from CL — Scanned from DE

Summary HTTP 47 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 9 domains to perform 47 HTTP transactions. The main IP is 2a06:98c1:3121::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is fdqwmw.top. The Cisco Umbrella rank of the primary domain is 598686.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 18th 2021. Valid for: a year.

This is the only time fdqwmw.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:303... 2606:4700:3030::6815:d63	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2606:4700:303... 2606:4700:3035::ac43:ad9f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
2	185.66.201.42 185.66.201.42	201702 (SKHOSTING-EU) (SKHOSTING-EU)
2	185.66.200.220 185.66.200.220	201702 (SKHOSTING-EU) (SKHOSTING-EU)
5	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
8	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
3	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
47	9

3 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

fdqwmw.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3030::6815:d63 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:3035::ac43:ad9f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.res.wiki	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.66.201.42 (Nitra, Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: affilist.com

qoaaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.66.200.220 (Nitra, Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.200.220.skhosting.eu

uprimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	res.wiki cdn.res.wiki	239 KB
8	baidu.com hm.baidu.com — Cisco Umbrella Rank: 7944	50 KB
6	jsdelivr.cc cdn.jsdelivr.cc — Cisco Umbrella Rank: 148271	103 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	324 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39	452 B
3	fdqwmw.top fdqwmw.top — Cisco Umbrella Rank: 598686	18 KB
2	uprimp.com uprimp.com — Cisco Umbrella Rank: 125942	936 B
2	qoaaa.com qoaaa.com — Cisco Umbrella Rank: 146754	5 KB
2	blogspot.com 1.bp.blogspot.com — Cisco Umbrella Rank: 8505	58 KB
47	9

	Domain	Requested by
16	cdn.res.wiki	fdqwmw.top
8	hm.baidu.com	fdqwmw.top
6	cdn.jsdelivr.cc	fdqwmw.top
5	www.googletagmanager.com	fdqwmw.top www.googletagmanager.com
3	www.google-analytics.com	www.googletagmanager.com
3	fdqwmw.top	cdn.jsdelivr.cc
2	uprimp.com	fdqwmw.top uprimp.com
2	qoaaa.com	fdqwmw.top qoaaa.com
2	1.bp.blogspot.com	fdqwmw.top
47	9

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-18` - `2022-09-17`	a year	crt.sh
*.res.wiki E1	`2022-03-05` - `2022-06-03`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
qoaaa.com R3	`2022-02-06` - `2022-05-07`	3 months	crt.sh
uprimp.com R3	`2022-03-15` - `2022-06-13`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
baidu.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-02-21` - `2022-08-02`	5 months	crt.sh

This page contains 3 frames:

Primary Page: https://fdqwmw.top/UAeBHGkm/copeccl/?_t=1649184432408
Frame ID: AF31C787BA56BEA28D7B462EC45EAE85
Requests: 45 HTTP requests in this frame

Frame: https://uprimp.com/bnr_xload.php?section=General&pub=593174&format=300x50&ga=g&xt=164918507911884&xtt=149263
Frame ID: 7A9E00496457F3A40435B10FD5968FBF
Requests: 1 HTTP requests in this frame

Frame: https://qoaaa.com//4fe48aebd6/4f59451604/?placementName=Flow&randomA=0_6215&maxw=0
Frame ID: 34AD9799EFEFA823C3BA03E3367861BA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

🎉️💸️️Copec Treibstoffzulage!👏🎁🎊

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweetalert2(?:\.all)?(?:\.min)?\.js
/npm/sweetalert2@([\d.]+)
sweetalert2@([\d.]+)/dist/sweetalert2(?:\.all)(?:\.min)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

47
Requests

100 %
HTTPS

67 %
IPv6

9
Domains

9
Subdomains

9
IPs

4
Countries

798 kB
Transfer

1809 kB
Size

13
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
fdqwmw.top/UAeBHGkm/copeccl/ 90 KB
17 KB 162ms
73ms Document
text/html 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fdqwmw.top/UAeBHGkm/copeccl/?_t=1649184432408
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78602d6acdacc32df1e3400a36011c7e0760084f82fabd422a50d013cd037d68

Request headers

Accept-Language: de-DE,de;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 6f7483382d8de92c-MRS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 05 Apr 2022 18:57:59 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NfTg7LFdngvY9FZ92nEffKcWyWINxtFe1LGANmGvaJn%2FPPv3lLMuCuTIHvxQGH8TlA3v%2BJfv8H4xP%2B6gyjm3K%2Bwh9yjLcZ0pPn9w2LsP9hxqlUO6RbALy3uP4S9yLjj4fNO4ux%2FtaCvf"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 jquery.min.js Show response
cdn.jsdelivr.cc/npm/jquery@3.6.0/dist/ 87 KB
32 KB 120ms
65ms Script
text/javascript 2606:4700:3030::6815:d63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jsdelivr.cc/npm/jquery@3.6.0/dist/jquery.min.js
Requested by: Host: fdqwmw.top
URL: https://fdqwmw.top/UAeBHGkm/copeccl/?_t=1649184432408
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:d63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fdqwmw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=JnXAUA==, md5=PkuyJ/tVJxv+nJ1KCRR72A==
date: Tue, 05 Apr 2022 18:57:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1529
x-guploader-uploadid: ADPycdvCxHltiuPjHL-zbbsBVwle0-vgYS2_pOmv1wzzQZrGSBqUE4vr5WQ_17FuwcGb_O0Ved79CT2MXZTd7QgSd4c
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 17 Mar 2022 07:30:17 GMT
server: cloudflare
etag: W/"3e4bb227fb55271bfe9c9d4a09147bd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AkEjdqMAt9TCQm2Vzp4LCPw4gz4i%2FhxG31akcgoC%2FH0O3fJiQYAdOhCD3KO%2FHfFmfABCMh4DyuwOFzrLPVbJBFrL%2BFlitIG6cGsUxMgpMjUKjNFqQaeNzRKE1FCIMITrPeFKya1i3yNuR4cyyZw%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1647502217775195
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 89501
cf-ray: 6f7483391cc7733f-MRS
expires: Tue, 05 Apr 2022 19:32:30 GMT

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/js/ 62 KB
16 KB 119ms
64ms Script
text/javascript 2606:4700:3030::6815:d63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js
Requested by: Host: fdqwmw.top
URL: https://fdqwmw.top/UAeBHGkm/copeccl/?_t=1649184432408
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:d63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4555d8dee9f8adc976e84a97dfe87e6bf5794b579f49bb56f133fed85f7d709

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fdqwmw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=x2l+AA==, md5=yZIw0ldTgNf5X/YmYG0kJg==
date: Tue, 05 Apr 2022 18:57:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1071
x-guploader-uploadid: ADPycdv0chj5F1Awc6K7Usaiie2qXL87Fxg5kp7mYqQH9s8HWV5Nuv0HuTqJ2hz1F5xUG9MGapUfK4P-pfLXRasYr-w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 17 Mar 2022 07:36:54 GMT
server: cloudflare
etag: W/"c99230d2575380d7f95ff626606d2426"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2FQAMfFnbCKRLSXdOThG%2BwyxHovuYLAfP7EWcGd0e7qJ3ftMs%2FvV%2FvbziC5YZL72lQdVzJWlerN7qrTOV8p%2BVQe8d%2B21ECsP5i9YBMBFlBkUt8h0O%2BQ%2BCjw7qwhv8sddMkOBSJw2iKM1g85LL9A%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1647502614200576
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 63473
cf-ray: 6f7483391cce733f-MRS
expires: Tue, 05 Apr 2022 19:40:08 GMT

GET
H2 200 sweetalert2.all.min.js Show response
cdn.jsdelivr.cc/npm/sweetalert2@10.16.0/dist/ 71 KB
20 KB 118ms
64ms Script
text/javascript 2606:4700:3030::6815:d63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jsdelivr.cc/npm/sweetalert2@10.16.0/dist/sweetalert2.all.min.js
Requested by: Host: fdqwmw.top
URL: https://fdqwmw.top/UAeBHGkm/copeccl/?_t=1649184432408
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:d63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b7274b0b5b7f411de46416a6c9941062f7a57aaf919fdeda367b5959f4ce8ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fdqwmw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=8ZRUYw==, md5=gJJLYuWzrHOqSEl3a0OXcA==
date: Tue, 05 Apr 2022 18:57:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1529
x-guploader-uploadid: ADPycds_5oPtcr3KFpC_u7Lnvdlqz8VeCGxAgHcXFP3zMljDMh6Q0ifyAwrLV7e0dbEbUBwQbF9kY0g0GrHWdqicRh8
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 17 Mar 2022 07:40:39 GMT
server: cloudflare
etag: W/"80924b62e5b3ac73aa4849776b439770"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FfzVaLBIC4Xsq6IZkcp4pRE7TA%2FX7DMVBJp9y6ABYYG3SnC5yFyt9YrsZgApgTX9KjKZiJ3PD7eWQviQDMNKGAVWHodNkwxz%2BmRsD1c1ithyUBY7xtK67ZPAksLRgtHnLyzfxKyb%2F%2BCYxE97deE%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1647502839791727
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 72765
cf-ray: 6f7483391ccb733f-MRS
expires: Tue, 05 Apr 2022 19:32:30 GMT

GET
H2 200 lazyload.min.js Show response
cdn.jsdelivr.cc/npm/lazyload@2.0.0-rc.2/ 5 KB
2 KB 140ms
86ms Script
text/javascript 2606:4700:3030::6815:d63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jsdelivr.cc/npm/lazyload@2.0.0-rc.2/lazyload.min.js
Requested by: Host: fdqwmw.top
URL: https://fdqwmw.top/UAeBHGkm/copeccl/?_t=1649184432408
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:d63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b219e4cd8f8f9216f159285019be30d6bfe475d92ca30b3561551aaa2174751d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fdqwmw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=lted8w==, md5=3G3pgTxxS6mXM8pPtdOh+g==
date: Tue, 05 Apr 2022 18:57:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1529
x-guploader-uploadid: ADPycdsQwI6S5jC2ZwwNbaEnMvjelWJ3GXYdnwkp6yGGRsWcMv2CGKN45430-s2v57JOsXldQJq3rMwQOTmm_DkHtW4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 17 Mar 2022 07:42:43 GMT
server: cloudflare
etag: W/"dc6de9813c714ba99733ca4fb5d3a1fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TFGo6Vk9JjYahvQSGrO0xH5EeesGUVfHuvDzE6DRthG9YT%2F9DeD4Tm0CEyQS2ugEK41Fr9GnXwlltiZ6pTNJUabYzftSwFR6w5PSNYQ1kOaWibZHroQdlem39cuo%2BvrUVVnuu7EhC4z8QBGvW%2BU%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1647502963816044
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 4798
cf-ray: 6f7483391ccd733f-MRS
expires: Tue, 05 Apr 2022 19:32:30 GMT

GET
H2 200 popper.min.js Show response
cdn.jsdelivr.cc/npm/popper.js@1.16.1/dist/umd/ 21 KB
8 KB 96ms
42ms Script
text/javascript 2606:4700:3030::6815:d63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jsdelivr.cc/npm/popper.js@1.16.1/dist/umd/popper.min.js
Requested by: Host: fdqwmw.top
URL: https://fdqwmw.top/UAeBHGkm/copeccl/?_t=1649184432408
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:d63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e290dc4993b9ae7d34440db26be412b4bc4547a48ff635750d400164665d7fa6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fdqwmw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=7cW0Gg==, md5=MciYxtLqE8MEQWV/8ZANgQ==
date: Tue, 05 Apr 2022 18:57:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1529
x-guploader-uploadid: ADPycdu1_c45kD5Yfcahhyee5k60gFdhKF0DCxZU0gsZaJj5VB2X1mJ8GPzxrK27ja8jtIuK1TM4NgHxSepdplcvatU
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 17 Mar 2022 07:44:44 GMT
server: cloudflare
etag: W/"31c898c6d2ea13c30441657ff1900d81"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E8cEork2sleF6blCS3uQiu7190DP2tb5bFYMqquQ%2FjCAK3ZBZPVWcvwVkYWo%2FMIQWlXQGOJwUaSgP2NV4N5%2Boc0Yblu3TyJAWdiMWARe6VeDTqjSd9NsqkuhxwySX9iO2pc%2FT6Fea4Ys9AW8z3s%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1647503084523089
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 21236
cf-ray: 6f7483391cc9733f-MRS
expires: Tue, 05 Apr 2022 19:28:27 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/css/ 158 KB
25 KB 94ms
41ms Stylesheet
text/css 2606:4700:3030::6815:d63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css
Requested by: Host: fdqwmw.top
URL: https://fdqwmw.top/UAeBHGkm/copeccl/?_t=1649184432408
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:d63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d7a9043f4bed303fe2974ac4e3ba10d6b214e70f7ae549786ba2d347de05f81

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fdqwmw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=Sb/HMQ==, md5=/roNB2Bge54hOTFWlJr82Q==
date: Tue, 05 Apr 2022 18:57:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1529
x-guploader-uploadid: ADPycduCHwg6n53VPzNb_-57qJzhoPJbEBdMgpsWgTX19t4NIh3Tdte6MCXenDGQTAuiJrpSRG3G9WDZErClLNvZVXhXccOSWw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 17 Mar 2022 07:38:12 GMT
server: cloudflare
etag: W/"feba0d0760607b9e21393156949afcd9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TUJaBFJSApRLaHjqTVEZK4IiabiChG8UNH0Qm9%2BkU2E5EeG3JMTGxT7moWvLikQuMwvXAOHexGCJs0%2F91nmqfz8lnBuS5aw9Tvg%2Fa%2Fy1MXbU9XsFMEUpEKF%2Bbt0d%2BRvmjRT86eKsfkw2ssJ6fjU%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1647502692716912
content-type: text/css
cache-control: public, max-age=3600
x-goog-stored-content-length: 161415
cf-ray: 6f7483391cc5733f-MRS
expires: Tue, 05 Apr 2022 19:32:30 GMT

GET
H2 200 copec.hea.jpg
cdn.res.wiki/upload/ 10 KB
11 KB 119ms
43ms Image
image/jpeg 2606:4700:3035::ac43:ad9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.res.wiki/upload/copec.hea.jpg
Requested by: Host: fdqwmw.top
URL: https://fdqwmw.top/UAeBHGkm/copeccl/?_t=1649184432408
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:ad9f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76747763da5346fcf8c29ed795c4d8c805054a9b3a0c86fa6b746937d96b2ed7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fdqwmw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=XSbO2g==, md5=4M+V4ZtWSpu61mgLTFE2XA==
date: Tue, 05 Apr 2022 18:57:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 239
x-guploader-uploadid: ADPycdu_yL1R4aC8OlEQCUggrLiG7d6mgL5EE-xcrgn7J9Fe7WJzyZi2ikPn9ZbCXwxR9uon8rmLEuF9ur_CGR5PLCk1VQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10164
last-modified: Sat, 02 Apr 2022 21:13:11 GMT
server: cloudflare
etag: "e0cf95e19b564a9bbad6680b4c51365c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XYOifcn2Y6IjyrDByb9fj3zPn0taiNRrgV1ZVBbL88d3GmN%2BIuSk5aWJt6iTQW%2B8oeTNVrSsdykfPJ0chG2oCfIENqeGzsiCaHxpk4UNcrfVJhkIcc9ry%2BbB3cSbLmhKoH0aBvhqkJrn%2FEo%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1648933991850259
content-type: image/jpeg
cache-control: public, max-age=14400
x-goog-stored-content-length: 10164
accept-ranges: bytes
cf-ray: 6f74833a1bc25fc4-MRS
expires: Tue, 05 Apr 2022 19:53:30 GMT

GET
H2 200 copec.heb.jpg
cdn.res.wiki/upload/ 4 KB
4 KB 406ms
349ms Image
image/jpeg 2606:4700:3035::ac43:ad9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.res.wiki/upload/copec.heb.jpg
Requested by: Host: fdqwmw.top
URL: https://fdqwmw.top/UAeBHGkm/copeccl/?_t=1649184432408
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:ad9f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a8b513090ad90b639a864169e41669717ccefc30aac6442207d8fdf042b1e77

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fdqwmw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=Irk+Kg==, md5=0gk8YG1bOi1j9i0QE8vesw==
date: Tue, 05 Apr 2022 18:57:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 239
x-guploader-uploadid: ADPycdu7B9jaijVTGV7qFdQZg2uyc2aRCVG-ZvnsB7KuiBcQnDE8hncWpYaE3UbFnhyYiReu_4KaiGNRXOUw_VlIjJX8jQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4082
last-modified: Sat, 02 Apr 2022 21:13:12 GMT
server: cloudflare
etag: "d2093c606d5b3a2d63f62d1013cbdeb3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tHzrtJfK3QNv1WyE8qe5z%2BwwcJ0wBODWsYJD%2FiGTxVX8f9Fdm1oidgZ6xpwc1xMMpQ%2BMo0zbHhrYpXiedheaUYQseoDeyyXRVaxg%2FTUx8uhUqeL4M5Z8DjZeC7HLJlUaLg6E7u0ZSmEciD8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1648933992337844
content-type: image/jpeg
cache-control: public, max-age=14400
x-goog-stored-content-length: 4082
accept-ranges: bytes
cf-ray: 6f74833a1bc85fc4-MRS
expires: Tue, 05 Apr 2022 19:53:30 GMT

GET
H2 200 copec.img.jpg
cdn.res.wiki/upload/ 62 KB
63 KB 384ms
326ms Image
image/jpeg 2606:4700:3035::ac43:ad9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.res.wiki/upload/copec.img.jpg
Requested by: Host: fdqwmw.top
URL: https://fdqwmw.top/UAeBHGkm/copeccl/?_t=1649184432408
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:ad9f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6174249f12706d847e12f5421b4bcbdec052bd0c81a164ea04b3b0ed40576327

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fdqwmw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=eNS1Vw==, md5=xQ4S2e64To0ZfdvEJ60JpQ==
date: Tue, 05 Apr 2022 18:57:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 239
x-guploader-uploadid: ADPycdt7X332EK_FHWEY1-k9jL5YjCewINKuj3k-qChc83jnMA1nl-WUQw2a7RM3zQDHL3LS_U8x8bt6KqT4dS7XV_U-3w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 63515
last-modified: Sat, 02 Apr 2022 21:13:12 GMT
server: cloudflare
etag: "c50e12d9eeb84e8d197ddbc427ad09a5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wJmotJj%2FZOraokx3E52dr9B3sZVCC5Pihb3sn%2FD2IiZOCuaMI7hvp7iCa8DcsNA4TSh4NoWQO1CgGZpns4GgNItY02H0DtzrDRaFZHswTURRJuQvwashROOy9YZ1gTckLxnXpWKG%2FpJjbqY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1648933992820599
content-type: image/jpeg
cache-control: public, max-age=14400
x-goog-stored-content-length: 63515
accept-ranges: bytes
cf-ray: 6f74833a1bcb5fc4-MRS
expires: Tue, 05 Apr 2022 19:53:30 GMT

GET
H2 200 Germany_outbox.png
1.bp.blogspot.com/-mhFwYo28B2Q/YKppmIsu7ZI/AAAAAAAABgQ/c7DWa0Yxwm49LJDcNEkzDr503wyn4hLtACLcBGAsYHQ/s16000/ 44 KB
44 KB 36ms
8ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-mhFwYo28B2Q/YKppmIsu7ZI/AAAAAAAABgQ/c7DWa0Yxwm49LJDcNEkzDr503wyn4hLtACLcBGAsYHQ/s16000/Germany_outbox.png

Requested by

Host: fdqwmw.top
URL: https://fdqwmw.top/UAeBHGkm/copeccl/?_t=1649184432408

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9b7f1ddc36af29778df73a309d2861822456de3eb416e6921a5c44e68435a42f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fdqwmw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 17:46:39 GMT
x-content-type-options: nosniff
age: 4280
content-disposition: inline;filename="Germany_outbox.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44729
x-xss-protection: 0
server: fife
etag: "v605"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 31 Dec 2021 12:31:33 GMT

GET
H2 200 copec.bix1.png
cdn.res.wiki/upload/ 15 KB
15 KB 100ms
44ms Image
image/png 2606:4700:3035::ac43:ad9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.res.wiki/upload/copec.bix1.png
Requested by: Host: fdqwmw.top
URL: https://fdqwmw.top/UAeBHGkm/copeccl/?_t=1649184432408
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:ad9f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30cca214050e6ae6e4211a1034d7c522a221a349db95b2e956e07ce80e2536f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fdqwmw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=cX3RfQ==, md5=+ikfRrW343WCpt3CDigflA==
date: Tue, 05 Apr 2022 18:57:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 239
x-guploader-uploadid: ADPycdvjbesVjgCdVVdX-In7UzpdqYLTbM0NIO1deb71NTNThINDHQ3OzmWznX5UQDyG7tppR4DNUhx8V5FL3DlbdPYbCA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15008
last-modified: Sat, 02 Apr 2022 21:13:09 GMT
server: cloudflare
etag: "fa291f46b5b7e37582a6ddc20e281f94"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0fKV%2Bm50IoR%2FYMiF8jeFftsnN%2FgjgMMTWcKCrb5qnM8Nw0l%2Bft3zeNB5aXl1uwGxg4s4Elm5f%2BmoXoxRleA2ndbLU%2BKllVBsv7zyZpRNxaZfOfimqgyqPcpJpza%2B3SlEaTkVRJOwFSO1R5s%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1648933989864726
content-type: image/png
cache-control: public, max-age=14400
x-goog-stored-content-length: 15008
accept-ranges: bytes
cf-ray: 6f74833a2bd35fc4-MRS
expires: Tue, 05 Apr 2022 19:53:31 GMT

GET
H2 200 copec.bix2.png
cdn.res.wiki/upload/ 3 KB
4 KB 101ms
44ms Image
image/png 2606:4700:3035::ac43:ad9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.res.wiki/upload/copec.bix2.png
Requested by: Host: fdqwmw.top
URL: https://fdqwmw.top/UAeBHGkm/copeccl/?_t=1649184432408
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:ad9f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e756d129e4e0dda15323b82570183ab7af394b312a2874719c4fe5bf95e11e54

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fdqwmw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=ti74lQ==, md5=K2ywgf4cL1+AHBPncmMbqA==
date: Tue, 05 Apr 2022 18:57:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 239
x-guploader-uploadid: ADPycdv72qXOFC0DlCZeU1XmzpivZG8HZkpRIvZKIbkj2fINa0sCfYtyNNiH4mWe7YH-f8lz-vv8hbxuVa7ga7uLCEzSEw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3199
last-modified: Sat, 02 Apr 2022 21:13:10 GMT
server: cloudflare
etag: "2b6cb081fe1c2f5f801c13e772631ba8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oe5t4%2FbT9ZUUFSIDgY5ayhW%2BHc3bGXZhA7KfWCbRcHTTXYNpWDpwZF0FKQYFTMLKMQJe%2FIRIs3y8KnKznT3cq9Z8E1GDGDI40hnyUKZY5EffYRInt%2B3ESoZxO1RwjV7zHdgz2TI052WxE4w%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1648933990358875
content-type: image/png
cache-control: public, max-age=14400
x-goog-stored-content-length: 3199
accept-ranges: bytes
cf-ray: 6f74833a1bcf5fc4-MRS
expires: Tue, 05 Apr 2022 19:53:32 GMT

GET
H2 200 Germany_inbox.png
1.bp.blogspot.com/-rJwuzcnw3VI/YKppmA0KHEI/AAAAAAAABgM/g534cHj8oxsuYau_w-e69RyO0APgsmLlwCLcBGAsYHQ/s16000/ 14 KB
14 KB 44ms
16ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-rJwuzcnw3VI/YKppmA0KHEI/AAAAAAAABgM/g534cHj8oxsuYau_w-e69RyO0APgsmLlwCLcBGAsYHQ/s16000/Germany_inbox.png

Requested by

Host: fdqwmw.top
URL: https://fdqwmw.top/UAeBHGkm/copeccl/?_t=1649184432408

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

32bc695a4583118b2adca0fe87d1f4844905692f48f5f2a0eece23f205536e60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fdqwmw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 16:29:37 GMT
x-content-type-options: nosniff
age: 8902
content-disposition: inline;filename="Germany_inbox.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14208
x-xss-protection: 0
server: fife
etag: "v605"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 23 Oct 2021 08:07:42 GMT

GET
H2 200 copec.bix3.png
cdn.res.wiki/upload/ 23 KB
23 KB 103ms
47ms Image
image/png 2606:4700:3035::ac43:ad9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.res.wiki/upload/copec.bix3.png
Requested by: Host: fdqwmw.top
URL: https://fdqwmw.top/UAeBHGkm/copeccl/?_t=1649184432408
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:ad9f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cc52ef6aae70c2ae4f8cee43c1de20e90255d391c9e0279c6c91545ed581043

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fdqwmw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=bFNjig==, md5=NJhnVQm8+rpnLT85hjJe+A==
date: Tue, 05 Apr 2022 18:57:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 239
x-guploader-uploadid: ADPycduGH5VijTODdY59q-ZAt4npPGtrH0GWo4icqSBXFrubMmYlBVTwCQiLTd-9lBQ2eAxcM-b0i2yMLA0AZE_q2h7UHg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23232
last-modified: Sat, 02 Apr 2022 21:13:10 GMT
server: cloudflare
etag: "3498675509bcfaba672d3f3986325ef8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JMZ0xgY6MRi9et%2BM9uLdhgGgIRObqY3fG1YkZEbujt%2B1d1%2B5YPC5nJYNxRxh870bWORgYwHOgTy5n4z96fzkZe1lqhndeqoDQ8gh897QimHOaZCdi%2FwcnSYtGLhKhjxtkicUSV6JizkVqyQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1648933990849639
content-type: image/png
cache-control: public, max-age=14400
x-goog-stored-content-length: 23232
accept-ranges: bytes
cf-ray: 6f74833a2bd15fc4-MRS
expires: Tue, 05 Apr 2022 19:53:32 GMT

GET
H2 200 responsive.js Show response
qoaaa.com/js/ 3 KB
1013 B 124ms
41ms Script
application/javascript 185.66.201.42
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://qoaaa.com/js/responsive.js
Requested by: Host: fdqwmw.top
URL: https://fdqwmw.top/UAeBHGkm/copeccl/?_t=1649184432408
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.201.42 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: affilist.com
Software: nginx /
Resource Hash: 4987d5f43ecfeeb96384876eb9247b9653c4cb66628a594cfe87e922ab0a18b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fdqwmw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 18:57:59 GMT
content-encoding: br
last-modified: Tue, 21 Dec 2021 14:23:16 GMT
server: nginx
etag: W/"61c1e354-b1d"
content-type: application/javascript

GET
H2 200 bnr.php Show response
uprimp.com/ 427 B
681 B 146ms
36ms Script
application/javascript 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://uprimp.com/bnr.php?section=General&pub=593174&format=300x50&ga=g
Requested by: Host: fdqwmw.top
URL: https://fdqwmw.top/UAeBHGkm/copeccl/?_t=1649184432408
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: 9a570eadfd61c6d02bace1e6b2f6f64ecf4c4129556a085fe9cc859cbb60a7aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fdqwmw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 18:57:59 GMT
last-modified: Tue, 05 Apr 2022 18:57:59 GMT
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex, nofollow, noarchive, nosnippet
expires: Tue, 05 Apr 2022 18:57:59 GMT

GET
H2 200 bjdskdoodd.jpg
cdn.res.wiki/upload/ 23 KB
24 KB 328ms
317ms Image
image/jpeg 2606:4700:3035::ac43:ad9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.res.wiki/upload/bjdskdoodd.jpg
Requested by: Host: fdqwmw.top
URL: https://fdqwmw.top/UAeBHGkm/copeccl/?_t=1649184432408
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:ad9f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 518cfaac34017c99f3c4fe2fc064d9a7b768c5b050c976a4cf13e904e6c21e27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fdqwmw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=TuyqwA==, md5=9dwB2wHGFX+dH2/ceRWaNw==
date: Tue, 05 Apr 2022 18:57:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 262
x-guploader-uploadid: ADPycdsQVDsUap1MgpFfjx_nYwCr_qF0APifpq5ZHwS3mfPG8LYaI4K64orTfGTCEx6OiDN4x9XZF3zAAcqppVgrqhOfWuPaP-2u
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23974
last-modified: Sat, 02 Apr 2022 21:09:13 GMT
server: cloudflare
etag: "f5dc01db01c6157f9d1f6fdc79159a37"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fyD0A0epNKPstldTafLvN8ZftO0uF80myL148aCRq2eGIv4TxT22rSZr0dhmVfz8yinuN14UZuwAb%2FsSmdYRUTaBHLoHN2sn%2F%2FuV4xbDlMFDC7o5sk4e2L0kWt43t3W2L0wjsr%2Fu6DuLOgA%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1648933753533994
content-type: image/jpeg
cache-control: public, max-age=14400
x-goog-stored-content-length: 23974
accept-ranges: bytes
cf-ray: 6f74833a8cb65fc4-MRS
expires: Tue, 05 Apr 2022 19:01:09 GMT

GET
H2 200 sfdsuu.jpg
cdn.res.wiki/upload/ 5 KB
5 KB 327ms
317ms Image
image/jpeg 2606:4700:3035::ac43:ad9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.res.wiki/upload/sfdsuu.jpg
Requested by: Host: fdqwmw.top
URL: https://fdqwmw.top/UAeBHGkm/copeccl/?_t=1649184432408
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:ad9f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0af22e5cc8419c056d91c1e2331fd8ff350b834344aadbc5c4240a244829b7bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fdqwmw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=OXapWA==, md5=8Wfp/WxU8ggXBLZE1DRlzA==
date: Tue, 05 Apr 2022 18:57:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 262
x-guploader-uploadid: ADPycdt54-1NpvQdlr5IsUSakpfZj2715Iu_qPXCDU_Lk0pYeQliJxjm2TUIfhTQW3fmq4mLR-Su1FvswWhsfbVcxyDVKzvwcowT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5055
last-modified: Sat, 02 Apr 2022 21:48:45 GMT
server: cloudflare
etag: "f167e9fd6c54f2081704b644d43465cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Xxw4BraYy2T41cb8QbLJtU8ym%2FwRH0xs%2BniYl2aR79DgShrMio6cO3%2BTlTd14XNZiPyhvY4A%2Fxq9mggoW6zqWsEodcF0forzBn83f2VOhJzsVp6OrG4KSjSrM2whaq1dx0hQwqlRg9w0SI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1648936124990865
content-type: image/jpeg
cache-control: public, max-age=14400
x-goog-stored-content-length: 5055
accept-ranges: bytes
cf-ray: 6f74833a8cb85fc4-MRS
expires: Tue, 05 Apr 2022 19:01:09 GMT

GET
H2 200 dsdsthiopia.jpg
cdn.res.wiki/upload/ 11 KB
11 KB 329ms
319ms Image
image/jpeg 2606:4700:3035::ac43:ad9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.res.wiki/upload/dsdsthiopia.jpg
Requested by: Host: fdqwmw.top
URL: https://fdqwmw.top/UAeBHGkm/copeccl/?_t=1649184432408
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:ad9f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62334607590e8418de482a52b105bd0d3e7a15e496f96245ad27fd19d3070a50

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fdqwmw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=xLUdzw==, md5=uINmpzJOD6xNQQllD9S8Ag==
date: Tue, 05 Apr 2022 18:57:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2874
x-guploader-uploadid: ADPycdu5idur2PrYlPhxZQbigWhZlQgBpGRr3kOzHxpfs8kivopdxcGLWj1fb1YmBJwybLCLT6CY88N6snAVFsg11PtL2PMOos9T
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10918
last-modified: Sat, 02 Apr 2022 21:17:09 GMT
server: cloudflare
etag: "b88366a7324e0fac4d4109650fd4bc02"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dF2MC6uJ4gO47B5HPrEAtlCZYVUyuLMg%2FQEiSCw9%2FMhEmWKDQtcS8aSro1NjpUbD7z93PqKvhw7P%2FcspJJAB82zPrj7GZCZXXQoXdvaLxsfgjW91JK9YOIVOXCsMiRmaY0xGPVjXHAyZS68%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1648934229923419
content-type: image/jpeg
cache-control: public, max-age=14400
x-goog-stored-content-length: 10918
accept-ranges: bytes
cf-ray: 6f74833a8cbe5fc4-MRS
expires: Tue, 05 Apr 2022 19:10:04 GMT

GET
H2 200 dssdfoosll.jpg
cdn.res.wiki/upload/ 9 KB
10 KB 327ms
317ms Image
image/jpeg 2606:4700:3035::ac43:ad9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.res.wiki/upload/dssdfoosll.jpg
Requested by: Host: fdqwmw.top
URL: https://fdqwmw.top/UAeBHGkm/copeccl/?_t=1649184432408
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:ad9f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0380a97f39276e28b8790a6994cf1fe5d1077aa800b8a2ad5cfc561cbbf646e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fdqwmw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=e67L4Q==, md5=Rbz2NwS7+SxMOEKUfrusvg==
date: Tue, 05 Apr 2022 18:57:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32
x-guploader-uploadid: ADPycduw5tsT9ZJf--ek9ZIfPhPJmk39AzSGHdYBKk7L84t0OBmWYYql3A32HGIEaVe7JX3K9sA1GXwbstPFK-NHUiR2cA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9534
last-modified: Sat, 02 Apr 2022 21:17:32 GMT
server: cloudflare
etag: "45bcf63704bbf92c4c3842947ebbacbe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=flUh93PMhZsS%2F4iIeSnWTsP0zBTIJUgLIz6IDGYBYYyfq8U9WyMvJIgYMIG4hb6oHVl7LdvyNi4%2FO3a8fRqFJMm4d9j%2ButanJ51bVw9VhPV7k%2F6wEQtkU%2BFutjY6dxsXP7AoqQ0qN7%2Fs9es%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1648934252736801
content-type: image/jpeg
cache-control: public, max-age=14400
x-goog-stored-content-length: 9534
accept-ranges: bytes
cf-ray: 6f74833a8cc05fc4-MRS
expires: Tue, 05 Apr 2022 19:57:27 GMT

GET
H2 200 dssdfoow.jpg
cdn.res.wiki/upload/ 8 KB
8 KB 329ms
319ms Image
image/jpeg 2606:4700:3035::ac43:ad9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.res.wiki/upload/dssdfoow.jpg
Requested by: Host: fdqwmw.top
URL: https://fdqwmw.top/UAeBHGkm/copeccl/?_t=1649184432408
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:ad9f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eedc62f3ea874c29aca4c42666c57bc95ebd80dd48da44ee46e204ccb9cadc37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fdqwmw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=D4p9MA==, md5=XKFOfQeInm3cCQH5vafZqw==
date: Tue, 05 Apr 2022 18:57:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32
x-guploader-uploadid: ADPycds11Ht8XLhjWkzRwXibiTpHO4j_ujTnlnbYIQ5k9b41Yzd_dhMPO98saNnRbyGVviOKDIbq6sW-m10K_MI0YSm3Ag
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7897
last-modified: Sat, 02 Apr 2022 21:17:33 GMT
server: cloudflare
etag: "5ca14e7d07889e6ddc0901f9bda7d9ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rbaDYQaHfbJS2SSlY6ScBDsGSOL6eRklnBILe6nnVA5aKL9ojhUXwKR6pqbsS%2FWXwJBRMccAPJEw0IFV%2F63Rjq82I7MiEqSiJBci8GMyDbvbqDtW9QJL0IPyPjYgHv54%2B0nDQVzVrSLqZgY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1648934253729014
content-type: image/jpeg
cache-control: public, max-age=14400
x-goog-stored-content-length: 7897
accept-ranges: bytes
cf-ray: 6f74833a8cc35fc4-MRS
expires: Tue, 05 Apr 2022 19:57:27 GMT

GET
H2 200 dssdfoosww.jpg
cdn.res.wiki/upload/ 11 KB
11 KB 329ms
318ms Image
image/jpeg 2606:4700:3035::ac43:ad9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.res.wiki/upload/dssdfoosww.jpg
Requested by: Host: fdqwmw.top
URL: https://fdqwmw.top/UAeBHGkm/copeccl/?_t=1649184432408
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:ad9f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e9bf67e49f1a24b7341e51252249b7c0f025cc43e61b3fb1b6f1edfa2942eaa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fdqwmw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=rSgDQA==, md5=xu4ukU3XYoefqISC/1vsdA==
date: Tue, 05 Apr 2022 18:57:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32
x-guploader-uploadid: ADPycdtWpcKE9Eh2hiPmnMT6aabyOu9zNqiLFnYrSfCvgS53sdzjkimXYB6KzioD8SY0vvqNvc22asybuukNLrGkoQP57g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10798
last-modified: Sat, 02 Apr 2022 21:17:33 GMT
server: cloudflare
etag: "c6ee2e914dd762879fa88482ff5bec74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6TQedu%2Fy3H9zN7hBDRa8Wkz8EpfELWJdZ%2BsWeVtgNAp3GryieyaP7cNuOLfAcO43gsnKZ%2BvYepMcj9nwx8GDf%2BgdosZphtLgE0TjeEM3M9dIwwRJgHwqnWZDhOcViqk9bTYMJzHZeZfta3Y%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1648934253229680
content-type: image/jpeg
cache-control: public, max-age=14400
x-goog-stored-content-length: 10798
accept-ranges: bytes
cf-ray: 6f74833a8cc55fc4-MRS
expires: Tue, 05 Apr 2022 19:57:27 GMT

GET
H2 200 deguos.jpg
cdn.res.wiki/upload/ 14 KB
15 KB 328ms
318ms Image
image/jpeg 2606:4700:3035::ac43:ad9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.res.wiki/upload/deguos.jpg
Requested by: Host: fdqwmw.top
URL: https://fdqwmw.top/UAeBHGkm/copeccl/?_t=1649184432408
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:ad9f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56c075f4b04bdb89c9a52e0558e2663250fd842cf53394536f373e8e630fd9e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fdqwmw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=hz0rVA==, md5=/hQTIvFAqNleUC+kizNZ4Q==
date: Tue, 05 Apr 2022 18:57:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32
x-guploader-uploadid: ADPycdtf7IIn2yoxlWlNliZ3C5VkS6q3B6GsPWAKPzBxDYTkBGvd9ahb9FVj4RtFMeO0NgCUVbnEOOWjOhGRbcDL-A_JzQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14651
last-modified: Sat, 02 Apr 2022 21:14:52 GMT
server: cloudflare
etag: "fe141322f140a8d95e502fa48b3359e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zKbv6foSToXstM6L3bLVpTHVXsoHgGcX3C1UgggOQyJ9VTL3l6rCFDxHHIDh4gYKDLDoEs1Cd2AgthRJh6YRF1hxHoJXbSf2tzjAdiKGn9Yx7M5A8MU6ZJDk%2FNNGrXw3bPzWurjE9occKHE%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1648934092548077
content-type: image/jpeg
cache-control: public, max-age=14400
x-goog-stored-content-length: 14651
accept-ranges: bytes
cf-ray: 6f74833a8cc75fc4-MRS
expires: Tue, 05 Apr 2022 19:57:27 GMT

GET
H2 200 feiddsd.jpg
cdn.res.wiki/upload/ 11 KB
11 KB 328ms
318ms Image
image/jpeg 2606:4700:3035::ac43:ad9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.res.wiki/upload/feiddsd.jpg
Requested by: Host: fdqwmw.top
URL: https://fdqwmw.top/UAeBHGkm/copeccl/?_t=1649184432408
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:ad9f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69151d1695e09c7dbb4b64932236ca49f3345e641956ac92f75f835c6bab136d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fdqwmw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=qRuUew==, md5=rcbnsidj26toJ4nqcXA4Dg==
date: Tue, 05 Apr 2022 18:57:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1694
x-guploader-uploadid: ADPycdsAizkZ3X5IJsLRfD7bPKE8FUOrt5Oog2uzUV0SbleLS2wd1vkSYEi7TNSx42D9kJmUrwfGALglAWoQuvzL7nkXIx6xow
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10894
last-modified: Sat, 02 Apr 2022 21:21:03 GMT
server: cloudflare
etag: "adc6e7b22763dbab682789ea7170380e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mwQmxDO%2FDzvqEFqR3XYQb9ufKgZlEZdquFHk60m7lNYtNzkiPnHrkhyR9Ncp5dqFlojHYeuWXWAZeLhdOA5f2aCAaT0ZXnHjEXwQ3A%2FlupLwH5VSWw7q9wWqoveCywnrnSnJxvoGNvldL9w%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1648934463036918
content-type: image/jpeg
cache-control: public, max-age=14400
x-goog-stored-content-length: 10894
accept-ranges: bytes
cf-ray: 6f74833a8cc95fc4-MRS
expires: Tue, 05 Apr 2022 19:04:52 GMT

GET
H2 200 healsd.jpg
cdn.res.wiki/upload/ 10 KB
11 KB 327ms
318ms Image
image/jpeg 2606:4700:3035::ac43:ad9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.res.wiki/upload/healsd.jpg
Requested by: Host: fdqwmw.top
URL: https://fdqwmw.top/UAeBHGkm/copeccl/?_t=1649184432408
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:ad9f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a51cd0b99fdf6d9a20fa8f799ad90e2b570745d50decd48a872f4b5c5cd1883

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fdqwmw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=s5B2nQ==, md5=yvKBOigXmMsKqNPqgIWyrQ==
date: Tue, 05 Apr 2022 18:57:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2736
x-guploader-uploadid: ADPycdvibcmyS8cpkQFxXCrO78EsXO2uXmdHyINum36QWv9zD4WG2M4HegMiCGPh-SZiDWgdKNphpt1i2ZTAjBosVQ4drA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10576
last-modified: Sat, 02 Apr 2022 21:25:25 GMT
server: cloudflare
etag: "caf2813a281798cb0aa8d3ea8085b2ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H7fxcxNdY9d6mZZ3S8Wq9NfYw6XH3JWi3QuH91N%2B%2FO1kwJWhIgr7k3nNoOTQLLSPABV7eV1FOr2%2BiSK%2F9PitVmw01TFHuMdykW4WhXCHk%2BPcoaZrrH0RgyIfi9TkiCbTSHZuYNd9BUCKIss%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1648934725737599
content-type: image/jpeg
cache-control: public, max-age=14400
x-goog-stored-content-length: 10576
accept-ranges: bytes
cf-ray: 6f74833a8ccc5fc4-MRS
expires: Tue, 05 Apr 2022 18:58:10 GMT

GET
H2 200 halzzpp.jpg
cdn.res.wiki/upload/ 11 KB
12 KB 328ms
319ms Image
image/jpeg 2606:4700:3035::ac43:ad9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.res.wiki/upload/halzzpp.jpg
Requested by: Host: fdqwmw.top
URL: https://fdqwmw.top/UAeBHGkm/copeccl/?_t=1649184432408
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:ad9f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce580e987852055424603d0b6d8d3dce93ec101cc5248af91ad02a2332e393a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fdqwmw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=DyZFog==, md5=eOAhkkEqs32+5kvQulpVDA==
date: Tue, 05 Apr 2022 18:57:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32
x-guploader-uploadid: ADPycduI5rgso7U6fDqpD8Cll8LjVRoewH2veKVfIc6z2oEcBM0WfLcOBdYrrho3M14oMtqmLzFONLw1na0jSj7j2fFyMQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11266
last-modified: Sat, 02 Apr 2022 21:25:06 GMT
server: cloudflare
etag: "78e02192412ab37dbee64bd0ba5a550c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FG3yOPawPU6bGOETW%2BIV5%2B%2BZpWHu7sNA%2B%2BqzNPBV3hY55Es6xYbQbPTefj6TOHbN9mXFGWZVey2fmDGrCj4zL5yMS%2BFDygEMc3WiW344pdx37RJo1pDWhof4B9EmLnc5DiBxBN5lcUf9eb8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1648934706357970
content-type: image/jpeg
cache-control: public, max-age=14400
x-goog-stored-content-length: 11266
accept-ranges: bytes
cf-ray: 6f74833a8ccd5fc4-MRS
expires: Tue, 05 Apr 2022 19:57:27 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 176 KB
65 KB 61ms
39ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-X0JR85KTWE

Requested by

Host: fdqwmw.top
URL: https://fdqwmw.top/UAeBHGkm/copeccl/?_t=1649184432408

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6060ce6e82c534bbd10c1de163d4aa3ccaa6f11fcdab8dd079b106f413450801

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fdqwmw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 18:57:59 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66202
x-xss-protection: 0
expires: Tue, 05 Apr 2022 18:57:59 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 176 KB
65 KB 45ms
24ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LW7434MYMN

Requested by

Host: fdqwmw.top
URL: https://fdqwmw.top/UAeBHGkm/copeccl/?_t=1649184432408

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2582e29f8d0ddcea5209528aacf9cd0b802ea579bec18543de99908d795c892b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fdqwmw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 18:57:59 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66192
x-xss-protection: 0
expires: Tue, 05 Apr 2022 18:57:59 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 176 KB
65 KB 37ms
16ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0C230YDF7G

Requested by

Host: fdqwmw.top
URL: https://fdqwmw.top/UAeBHGkm/copeccl/?_t=1649184432408

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1f8873655152745cca277601407e4151460f34a6ec52dd42c282bc61d390cd88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fdqwmw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 18:57:59 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66192
x-xss-protection: 0
expires: Tue, 05 Apr 2022 18:57:59 GMT

GET
H2 200 bnr_xload.php Show response
uprimp.com/ Frame 7A9E 0
255 B 44ms
44ms Document
text/html 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://uprimp.com/bnr_xload.php?section=General&pub=593174&format=300x50&ga=g&xt=164918507911884&xtt=149263
Requested by: Host: uprimp.com
URL: https://uprimp.com/bnr.php?section=General&pub=593174&format=300x50&ga=g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fdqwmw.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-type: text/html; charset=UTF-8
date: Tue, 05 Apr 2022 18:57:59 GMT
expires: Tue, 05 Apr 2022 18:57:59 GMT
last-modified: Tue, 05 Apr 2022 18:57:59 GMT
pragma: no-cache
server: nginx
x-robots-tag: noindex, nofollow, noarchive, nosnippet

GET
H2 200 yuming.js Show response
fdqwmw.top/UAeBHGkm/copeccl/ 268 B
545 B 81ms
80ms XHR
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fdqwmw.top/UAeBHGkm/copeccl/yuming.js?1649185079454&_=1649185079295
Requested by: Host: cdn.jsdelivr.cc
URL: https://cdn.jsdelivr.cc/npm/jquery@3.6.0/dist/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bda45e4d33945806bf64cd6897f2a01c0d4587a6634905f0762925f8666765d

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://fdqwmw.top/UAeBHGkm/copeccl/?_t=1649184432408
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 18:57:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 01 Apr 2022 11:32:39 GMT
server: cloudflare
etag: W/"6246e2d7-10c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RG%2BguH3zWEgEekbqkmnXp%2B8JY8FMGypbQQrJBxqjzNzesP%2FpbyW%2Feb5JhdZ%2BXVFjES75wx22kqOtCcH7C%2Fu7VlKtymycUHBBypeky7Vusub%2BrkY9u0XHd5yJXVXD%2BpbZBSMen32v0kk3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f74833ab93fe92c-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 06 Apr 2022 06:57:59 GMT

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
11 KB 999ms
378ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?bbb3e86814c9ceef66d180a6c15fa17d

Requested by

Host: fdqwmw.top
URL: https://fdqwmw.top/UAeBHGkm/copeccl/?_t=1649184432408

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

5a6323020aa849a0b7e49e4ed7692c5ba727f35f177c4a1e95b7cb2d5c292473

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fdqwmw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Tue, 05 Apr 2022 18:58:00 GMT
Content-Encoding: gzip
Server: apache
Etag: 3aee0ebe4fba0ca22b85efbfac86d819
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 11054

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
11 KB 1022ms
403ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?1ee22160c2c31b5f95bf2e223449169c

Requested by

Host: fdqwmw.top
URL: https://fdqwmw.top/UAeBHGkm/copeccl/?_t=1649184432408

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

01fec87501c6dd2183d8a48b1d9efd780dd7eb72da1caffb3a7aec7f15cfbd92

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fdqwmw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Tue, 05 Apr 2022 18:58:00 GMT
Content-Encoding: gzip
Server: apache
Etag: 578631fd8220a77ec7dad4cb23bed24b
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 11051

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
11 KB 1023ms
393ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?8b68846a3ac1709b0ec7199084ee5ea8

Requested by

Host: fdqwmw.top
URL: https://fdqwmw.top/UAeBHGkm/copeccl/?_t=1649184432408

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

a608b9a679abb374c794d64646797b4a1b190d6176e6f04f88a393170356f49a

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fdqwmw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Tue, 05 Apr 2022 18:58:00 GMT
Content-Encoding: gzip
Server: apache
Etag: 86e44a7129f62825a1b8cae7dc2701c1
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 11009

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 35 KB
13 KB 1046ms
404ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?e8430a361305901aaf21019d086a2e3f

Requested by

Host: fdqwmw.top
URL: https://fdqwmw.top/UAeBHGkm/copeccl/?_t=1649184432408

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

c2376c955ae22862468a997c5a21a2f0ca9061845f0e22cf87e7fc0e94d0c31e

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fdqwmw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Tue, 05 Apr 2022 18:58:00 GMT
Content-Encoding: gzip
Server: apache
Etag: cd335ba0103306439c0b60efbd345c5b
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 13004

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 40ms
15ms Ping
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-X0JR85KTWE&gtm=2oe3u0&_p=2012057381&sr=1600x1200&_z=ccd.AAB&ul=en-us&cid=507824482.1649185079&_s=1&dl=https%3A%2F%2Ffdqwmw.top%2FUAeBHGkm%2Fcopeccl%2F%3F_t%3D1649184432408&dt=%F0%9F%8E%89%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FCopec%20Treibstoffzulage!%F0%9F%91%8F%F0%9F%8E%81%F0%9F%8E%8A&sid=1649185079&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X0JR85KTWE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fdqwmw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 18:57:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fdqwmw.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 176 KB
65 KB 61ms
46ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LW7434MYMN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X0JR85KTWE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7cb27acf78a8c4a747801d30d7c3b55e90456dbcb3016cdd940ef58aa85b9353

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fdqwmw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 18:57:59 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66200
x-xss-protection: 0
expires: Tue, 05 Apr 2022 18:57:59 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 176 KB
65 KB 32ms
17ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0C230YDF7G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X0JR85KTWE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f5713f471c15cda940b59c63b8ecc10beeccd66fe40f979c88e72321db5a0f7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fdqwmw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 18:57:59 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66198
x-xss-protection: 0
expires: Tue, 05 Apr 2022 18:57:59 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 30ms
15ms Ping
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-LW7434MYMN&gtm=2oe3u0&_p=2012057381&sr=1600x1200&_z=ccd.AAB&ul=en-us&cid=507824482.1649185079&_s=1&dl=https%3A%2F%2Ffdqwmw.top%2FUAeBHGkm%2Fcopeccl%2F%3F_t%3D1649184432408&dt=%F0%9F%8E%89%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FCopec%20Treibstoffzulage!%F0%9F%91%8F%F0%9F%8E%81%F0%9F%8E%8A&sid=1649185079&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LW7434MYMN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fdqwmw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 18:57:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fdqwmw.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
344 B 20ms
15ms Ping
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-0C230YDF7G&gtm=2oe3u0&_p=2012057381&sr=1600x1200&_z=ccd.AAB&ul=en-us&cid=507824482.1649185079&_s=1&dl=https%3A%2F%2Ffdqwmw.top%2FUAeBHGkm%2Fcopeccl%2F%3F_t%3D1649184432408&dt=%F0%9F%8E%89%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FCopec%20Treibstoffzulage!%F0%9F%91%8F%F0%9F%8E%81%F0%9F%8E%8A&sid=1649185079&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0C230YDF7G
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fdqwmw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 18:57:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fdqwmw.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 tb2.php Show response
fdqwmw.top/UAeBHGkm/j/ 252 B
634 B 68ms
62ms XHR
text/html 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fdqwmw.top/UAeBHGkm/j/tb2.php?c=copeccl&np=taoluming&_=1649185079296
Requested by: Host: cdn.jsdelivr.cc
URL: https://cdn.jsdelivr.cc/npm/jquery@3.6.0/dist/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ef6ef50a3f81cd1bf72af9b07662b05fa1d8cad8632ec98f25898d4adcd2bf7

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://fdqwmw.top/UAeBHGkm/copeccl/?_t=1649184432408
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 18:57:59 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ie2XqySAaOjiDDKIYW3Iff4vahX9mwhLYcAtU76po1WanEghP57pO9b3h84D1NSGHr2UmR8qKXTkfqLZJ2et6mXOwzzDpp8cAl8V41M5%2FeEsOCqIhoflZZZroLmSnyzfCaTRw5D30M5H"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 6f74833b382c5fdc-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
636 B 396ms
396ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=847797626&si=bbb3e86814c9ceef66d180a6c15fa17d&v=1.2.92&lv=1&sn=62341&r=0&ww=1600&ct=!!&u=https%3A%2F%2Ffdqwmw.top%2FUAeBHGkm%2Fcopeccl%2F%3F_t%3D1649184432408%231649185079957&tt=%F0%9F%8E%89%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FCopec%20Treibstoffzulage!%F0%9F%91%8F%F0%9F%8E%81%F0%9F%8E%8A

Requested by

Host: fdqwmw.top
URL: https://fdqwmw.top/UAeBHGkm/copeccl/?_t=1649184432408

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fdqwmw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Apr 2022 18:58:01 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: private, max-age=0, no-cache
Content-Type: image/gif
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
636 B 431ms
431ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1428038096&si=8b68846a3ac1709b0ec7199084ee5ea8&v=1.2.92&lv=1&sn=62341&r=0&ww=1600&ct=!!&u=https%3A%2F%2Ffdqwmw.top%2FUAeBHGkm%2Fcopeccl%2F%3F_t%3D1649184432408%231649185079957&tt=%F0%9F%8E%89%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FCopec%20Treibstoffzulage!%F0%9F%91%8F%F0%9F%8E%81%F0%9F%8E%8A

Requested by

Host: fdqwmw.top
URL: https://fdqwmw.top/UAeBHGkm/copeccl/?_t=1649184432408

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fdqwmw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Apr 2022 18:58:01 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: private, max-age=0, no-cache
Content-Type: image/gif
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
636 B 420ms
420ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=339642547&si=e8430a361305901aaf21019d086a2e3f&v=1.2.91&lv=1&sn=62341&r=0&ww=1600&ct=!!&u=https%3A%2F%2Ffdqwmw.top%2FUAeBHGkm%2Fcopeccl%2F%3F_t%3D1649184432408%231649185079957&tt=%F0%9F%8E%89%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FCopec%20Treibstoffzulage!%F0%9F%91%8F%F0%9F%8E%81%F0%9F%8E%8A

Requested by

Host: fdqwmw.top
URL: https://fdqwmw.top/UAeBHGkm/copeccl/?_t=1649184432408

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fdqwmw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Apr 2022 18:58:01 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: private, max-age=0, no-cache
Content-Type: image/gif
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
636 B 382ms
381ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=228059946&si=1ee22160c2c31b5f95bf2e223449169c&v=1.2.92&lv=1&sn=62342&r=0&ww=1600&ct=!!&u=https%3A%2F%2Ffdqwmw.top%2FUAeBHGkm%2Fcopeccl%2F%3F_t%3D1649184432408%231649185079957&tt=%F0%9F%8E%89%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FCopec%20Treibstoffzulage!%F0%9F%91%8F%F0%9F%8E%81%F0%9F%8E%8A

Requested by

Host: fdqwmw.top
URL: https://fdqwmw.top/UAeBHGkm/copeccl/?_t=1649184432408

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fdqwmw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Apr 2022 18:58:02 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: private, max-age=0, no-cache
Content-Type: image/gif
Content-Length: 43

GET
H2 200 / Show response
qoaaa.com//4fe48aebd6/4f59451604/ Frame 34AD 25 KB
4 KB 94ms
93ms Document
text/html 185.66.201.42
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://qoaaa.com//4fe48aebd6/4f59451604/?placementName=Flow&randomA=0_6215&maxw=0
Requested by: Host: qoaaa.com
URL: https://qoaaa.com/js/responsive.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.201.42 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: affilist.com
Software: nginx /
Resource Hash: 2b8adc50e4ffc2c2f3c3808dfc884cb609290b335b7656bfb3d16b70903d2ed5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fdqwmw.top/UAeBHGkm/copeccl/?_t=1649184432408
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 05 Apr 2022 18:58:02 GMT
expires: Sun, 01 Jan 2014 00:00:00 GMT
pragma: no-cache
server: nginx
x-robots-tag: noindex,nofollow

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.fdqwmw.top/	1970-01-20 19:37:37	Name: _ga_X0JR85KTWE Value: GS1.1.1649185079.1.0.1649185079.0
.fdqwmw.top/	1970-01-20 19:37:37	Name: _ga Value: GA1.1.507824482.1649185079
.fdqwmw.top/	1970-01-20 19:37:37	Name: _ga_LW7434MYMN Value: GS1.1.1649185079.1.0.1649185079.0
.fdqwmw.top/	1970-01-20 19:37:37	Name: _ga_0C230YDF7G Value: GS1.1.1649185079.1.0.1649185079.0
.fdqwmw.top/	1970-01-20 10:52:01	Name: Hm_lvt_bbb3e86814c9ceef66d180a6c15fa17d Value: 1649185081
.fdqwmw.top/	1969-12-31 23:59:59	Name: Hm_lpvt_bbb3e86814c9ceef66d180a6c15fa17d Value: 1649185081
.fdqwmw.top/	1970-01-20 10:52:01	Name: Hm_lvt_8b68846a3ac1709b0ec7199084ee5ea8 Value: 1649185081
.fdqwmw.top/	1969-12-31 23:59:59	Name: Hm_lpvt_8b68846a3ac1709b0ec7199084ee5ea8 Value: 1649185081
.fdqwmw.top/	1970-01-20 10:52:01	Name: Hm_lvt_e8430a361305901aaf21019d086a2e3f Value: 1649185081
.fdqwmw.top/	1969-12-31 23:59:59	Name: Hm_lpvt_e8430a361305901aaf21019d086a2e3f Value: 1649185081
.fdqwmw.top/	1970-01-20 10:52:01	Name: Hm_lvt_1ee22160c2c31b5f95bf2e223449169c Value: 1649185082
.fdqwmw.top/	1969-12-31 23:59:59	Name: Hm_lpvt_1ee22160c2c31b5f95bf2e223449169c Value: 1649185082
.hm.baidu.com/	1970-01-25 20:29:45	Name: HMACCOUNT_BFESS Value: 6993442414C51EFE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
cdn.jsdelivr.cc
cdn.res.wiki
fdqwmw.top
hm.baidu.com
qoaaa.com
uprimp.com
www.google-analytics.com
www.googletagmanager.com
103.235.46.191
185.66.200.220
185.66.201.42
2606:4700:3030::6815:d63
2606:4700:3035::ac43:ad9f
2a00:1450:4001:811::2001
2a00:1450:4001:812::2008
2a00:1450:4001:830::200e
2a06:98c1:3121::7
01fec87501c6dd2183d8a48b1d9efd780dd7eb72da1caffb3a7aec7f15cfbd92
0af22e5cc8419c056d91c1e2331fd8ff350b834344aadbc5c4240a244829b7bf
0b7274b0b5b7f411de46416a6c9941062f7a57aaf919fdeda367b5959f4ce8ef
0cc52ef6aae70c2ae4f8cee43c1de20e90255d391c9e0279c6c91545ed581043
1f8873655152745cca277601407e4151460f34a6ec52dd42c282bc61d390cd88
2582e29f8d0ddcea5209528aacf9cd0b802ea579bec18543de99908d795c892b
2a51cd0b99fdf6d9a20fa8f799ad90e2b570745d50decd48a872f4b5c5cd1883
2a8b513090ad90b639a864169e41669717ccefc30aac6442207d8fdf042b1e77
2b8adc50e4ffc2c2f3c3808dfc884cb609290b335b7656bfb3d16b70903d2ed5
30cca214050e6ae6e4211a1034d7c522a221a349db95b2e956e07ce80e2536f0
32bc695a4583118b2adca0fe87d1f4844905692f48f5f2a0eece23f205536e60
3e9bf67e49f1a24b7341e51252249b7c0f025cc43e61b3fb1b6f1edfa2942eaa
4987d5f43ecfeeb96384876eb9247b9653c4cb66628a594cfe87e922ab0a18b5
518cfaac34017c99f3c4fe2fc064d9a7b768c5b050c976a4cf13e904e6c21e27
56c075f4b04bdb89c9a52e0558e2663250fd842cf53394536f373e8e630fd9e5
5a6323020aa849a0b7e49e4ed7692c5ba727f35f177c4a1e95b7cb2d5c292473
5bda45e4d33945806bf64cd6897f2a01c0d4587a6634905f0762925f8666765d
5ef6ef50a3f81cd1bf72af9b07662b05fa1d8cad8632ec98f25898d4adcd2bf7
6060ce6e82c534bbd10c1de163d4aa3ccaa6f11fcdab8dd079b106f413450801
6174249f12706d847e12f5421b4bcbdec052bd0c81a164ea04b3b0ed40576327
62334607590e8418de482a52b105bd0d3e7a15e496f96245ad27fd19d3070a50
69151d1695e09c7dbb4b64932236ca49f3345e641956ac92f75f835c6bab136d
76747763da5346fcf8c29ed795c4d8c805054a9b3a0c86fa6b746937d96b2ed7
78602d6acdacc32df1e3400a36011c7e0760084f82fabd422a50d013cd037d68
7cb27acf78a8c4a747801d30d7c3b55e90456dbcb3016cdd940ef58aa85b9353
7d7a9043f4bed303fe2974ac4e3ba10d6b214e70f7ae549786ba2d347de05f81
9a570eadfd61c6d02bace1e6b2f6f64ecf4c4129556a085fe9cc859cbb60a7aa
9b7f1ddc36af29778df73a309d2861822456de3eb416e6921a5c44e68435a42f
a0380a97f39276e28b8790a6994cf1fe5d1077aa800b8a2ad5cfc561cbbf646e
a4555d8dee9f8adc976e84a97dfe87e6bf5794b579f49bb56f133fed85f7d709
a608b9a679abb374c794d64646797b4a1b190d6176e6f04f88a393170356f49a
b219e4cd8f8f9216f159285019be30d6bfe475d92ca30b3561551aaa2174751d
c2376c955ae22862468a997c5a21a2f0ca9061845f0e22cf87e7fc0e94d0c31e
ce580e987852055424603d0b6d8d3dce93ec101cc5248af91ad02a2332e393a4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e290dc4993b9ae7d34440db26be412b4bc4547a48ff635750d400164665d7fa6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e756d129e4e0dda15323b82570183ab7af394b312a2874719c4fe5bf95e11e54
ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127
eedc62f3ea874c29aca4c42666c57bc95ebd80dd48da44ee46e204ccb9cadc37
f5713f471c15cda940b59c63b8ecc10beeccd66fe40f979c88e72321db5a0f7d

fdqwmw.top Open in urlscan Pro 2a06:98c1:3121::7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

47 Requests

100 %HTTPS

67 %IPv6

9 Domains

9 Subdomains

9 IPs

4 Countries

798 kBTransfer

1809 kBSize

13 Cookies

0 Outgoing links

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

fdqwmw.top Open in urlscan Pro
2a06:98c1:3121::7 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

100 %
HTTPS

67 %
IPv6

9
Domains

9
Subdomains

9
IPs

4
Countries

798 kB
Transfer

1809 kB
Size

13
Cookies

47 HTTP transactions
0 data transactions