URL: https://xszj.org/b/65238/c/21088231
Submission Tags: falconsandbox
Submission: On December 04 via api from US — Scanned from DE

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 27 HTTP transactions. The main IP is 2606:4700:3034::ac43:de86, located in United States and belongs to CLOUDFLARENET, US. The main domain is xszj.org.
TLS certificate: Issued by WE1 on October 8th 2024. Valid for: 3 months.
This is the only time xszj.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 2606:4700:303... 13335 (CLOUDFLAR...)
4 142.250.185.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2404:2280:1cc... 24429 (TAOBAO Zh...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 6 172.67.222.134 13335 (CLOUDFLAR...)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.35 15169 (GOOGLE)
2 216.58.206.46 15169 (GOOGLE)
27 11
Apex Domain
Subdomains
Transfer
14 xszj.org
xszj.org
52 KB
4 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 695
128 KB
4 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
228 KB
1 gstatic.com
fonts.gstatic.com
47 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
6 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3353
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 617
7 KB
1 bytecdntp.com
lf3-cdn-tos.bytecdntp.com — Cisco Umbrella Rank: 190177
33 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
109 KB
27 9
Domain Requested by
14 xszj.org 1 redirects xszj.org
static.cloudflareinsights.com
4 fundingchoicesmessages.google.com pagead2.googlesyndication.com
4 pagead2.googlesyndication.com xszj.org
pagead2.googlesyndication.com
1 fonts.gstatic.com xszj.org
1 fonts.googleapis.com
1 region1.google-analytics.com www.googletagmanager.com
1 static.cloudflareinsights.com xszj.org
1 lf3-cdn-tos.bytecdntp.com xszj.org
1 www.googletagmanager.com xszj.org
27 9

This site contains links to these domains. Also see Links.

Domain
m.xszj.org
Subject Issuer Validity Valid
xszj.org
WE1
2024-10-08 -
2025-01-06
3 months crt.sh
*.g.doubleclick.net
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.google-analytics.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.bytecdntp.com
RapidSSL TLS RSA CA G1
2024-05-21 -
2025-05-20
a year crt.sh
cloudflareinsights.com
WE1
2024-11-01 -
2025-01-30
3 months crt.sh
*.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
upload.video.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.gstatic.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh

This page contains 2 frames:

Primary Page: https://xszj.org/b/65238/c/21088231
Frame ID: 131FC23EC89D426BFA08F4AA1A31E00C
Requests: 25 HTTP requests in this frame

Frame: https://xszj.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js
Frame ID: E9BF3F9291DC2BE7C16143001D0D33D7
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

第九十七章 身体检查-变身二次元便当少女第304章(1/3)-小说之家

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

27
Requests

96 %
HTTPS

64 %
IPv6

9
Domains

9
Subdomains

11
IPs

3
Countries

609 kB
Transfer

1951 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://xszj.org/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://xszj.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 21088231
xszj.org/b/65238/c/
10 KB
6 KB
Document
General
Full URL
https://xszj.org/b/65238/c/21088231
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:de86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b95b9538cea1e14a99e73e10b339e8a484c8de51fbf3edf1955220e99afb8dd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8ecdfadfdd1ad9dc-FRA
content-encoding
zstd
content-type
text/html; charset=utf-8
date
Wed, 04 Dec 2024 18:50:04 GMT
expires
Wed, 04 Dec 2024 22:50:04 GMT
last-modified
Wed, 04 Dec 2024 18:49:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QQgH1glH6x%2FN5bhU%2FUYmVdovrgU5B3BTXBWzauAjwm9qFX2csQi1Dwdn2UscjYpqeR683%2BHGOCSMcuAl%2FkiX9YY2Ji6ptbOPhfVG%2FXhZqiO8MAjhcCkJ5l%2B3%2BAiQ5oH%2FN%2FqOHumQGg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfCacheStatus;desc="HIT" cfL4;desc="?proto=TCP&rtt=6331&min_rtt=6246&rtt_var=1029&sent=8&recv=11&lost=0&retrans=0&sent_bytes=4007&recv_bytes=2289&delivery_rate=616347&cwnd=253&unsent_bytes=0&cid=bd4112dea2a7bd27&ts=333&x=0"
vary
Accept-Encoding
x-ratelimit-limit
480
x-ratelimit-remaining
479
x-ratelimit-reset
1733338251
style.css
xszj.org/static/81xs/css/
19 KB
5 KB
Stylesheet
General
Full URL
https://xszj.org/static/81xs/css/style.css
Requested by
Host: xszj.org
URL: https://xszj.org/b/65238/c/21088231
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:de86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e548643b28c953753647e6f5de1373698c1e0e7ef38c262d8bff04b4d4e1f67d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xszj.org/b/65238/c/21088231

Response headers

content-encoding
zstd
cf-bgj
minify
cf-cache-status
HIT
age
580442
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U8eSJdC3vWENT7%2F6ITwpvFGMybUVTlPcOCM9K1g%2FWGl03f4zNxf%2BAsphKL%2Blffel03eWqI7Yxv76EiWB%2FtLz3bnVtvz4Znpmz0poLsQmYo%2FxiYvHuFEIQKccJMEAne1jv5zJldagMA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 14 Nov 2024 07:51:53 GMT
cf-polished
origSize=20619
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=7196&min_rtt=6246&rtt_var=2035&sent=22&recv=21&lost=0&retrans=0&sent_bytes=9780&recv_bytes=2843&delivery_rate=1202224&cwnd=257&unsent_bytes=0&cid=bd4112dea2a7bd27&ts=356&x=0"
date
Wed, 04 Dec 2024 18:50:04 GMT
content-type
text/css; charset=utf-8
last-modified
Fri, 13 Sep 2024 05:51:09 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ecdfae1fab0d9dc-FRA
server
cloudflare
h.js
xszj.org/static/81xs/71681a51/
3 KB
2 KB
Script
General
Full URL
https://xszj.org/static/81xs/71681a51/h.js
Requested by
Host: xszj.org
URL: https://xszj.org/b/65238/c/21088231
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:de86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88d290df0dc7cd5512e4dffb98980bd4fb73c60bab1d53528f262943c1235288

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xszj.org/b/65238/c/21088231

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
age
806869
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FB0dkjk2wlmSe9F2Ps%2BYDhPJAoc3odpmhezBEj16pVnbXb0nAeArt0KvjrZwmrp6vbabuB3Y1UZjfxNU4e2kZy2Rx0s6hOsmi0JHmbK6ZKfWvsvuqYr%2B4IHYlEOodXHKtL6WawUEiw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ecdfae1fab4d9dc-FRA
expires
Mon, 25 Nov 2024 12:42:10 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=7196&min_rtt=6246&rtt_var=2035&sent=33&recv=21&lost=0&retrans=0&sent_bytes=17787&recv_bytes=2843&delivery_rate=1202224&cwnd=257&unsent_bytes=0&cid=bd4112dea2a7bd27&ts=359&x=0"
date
Wed, 04 Dec 2024 18:50:04 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
last-modified
Mon, 25 Nov 2024 10:27:11 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9179307614313355
Requested by
Host: xszj.org
URL: https://xszj.org/b/65238/c/21088231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
55590651a23eb6236e71e30f39197db02a891c5c167726bd5fb856182fbc893b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://xszj.org
Referer
https://xszj.org/

Response headers

content-encoding
br
etag
16531273585074189489
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 18:50:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 04 Dec 2024 18:50:04 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53465
x-xss-protection
0
server
cafe
js
www.googletagmanager.com/gtag/
326 KB
109 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8NZTY4Z9E0
Requested by
Host: xszj.org
URL: https://xszj.org/b/65238/c/21088231
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4b937c8ac9853e629b92f4c4a681364daadedd4f9a87912638b3ad749c116582
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xszj.org/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 04 Dec 2024 18:50:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 18:50:04 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
110615
x-xss-protection
0
server
Google Tag Manager
jquery.min.js
lf3-cdn-tos.bytecdntp.com/cdn/expire-1-M/jquery/1.9.1/
90 KB
33 KB
Script
General
Full URL
https://lf3-cdn-tos.bytecdntp.com/cdn/expire-1-M/jquery/1.9.1/jquery.min.js
Requested by
Host: xszj.org
URL: https://xszj.org/b/65238/c/21088231
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:2280:1cc:0:3::a , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xszj.org/

Response headers

content-encoding
gzip
etag
W/"61f0cbd5-169d5"
age
12895
expires
Fri, 03 Jan 2025 15:10:25 GMT
server-timing
inner; dur=10
x-cache
HIT TCP_MEM_HIT dirn:-2:-2
date
Wed, 04 Dec 2024 15:15:09 GMT
content-type
application/javascript
last-modified
Wed, 26 Jan 2022 04:19:33 GMT
vary
Accept-Encoding
x-tt-trace-host
012bacbe4f490689291d13ba25f4cdc39cf21edd7a2213bbc7ccce5c31f40e27983ec488505794e9b8999e691829f554ceb247f2e2db5572d9ed6a0b2db4eb516369c312151198ba71c3178f4791ce0fcc
cache-control
max-age=2592000
x-swift-cachetime
2592000
timing-allow-origin
*
x-tt-trace-tag
id=03;cdn-cache=hit;type=static
via
ens-cache7.l2de3[214,214,200-0,M], ens-cache4.l2de3[220,0], ens-cache13.de5[0,0,200-0,H], ens-cache5.de5[2,0]
ali-swift-global-savetime
1733325310
x-swift-savetime
Wed, 04 Dec 2024 15:15:10 GMT
access-control-allow-origin
*
x-tt-trace-id
00-241204231509AC256119FD7EB3EEEAE1-54054A2E6B7750AE-00
content-length
32819
eagleid
a3b55c9917333382057946967e
x-tt-logid
20241204231509AC256119FD7EB3EEEAE1
server
Tengine
x-response-cinfo
2a01:4a0:5a::10
x-response-cache
edge_hit
common.js
xszj.org/static/81xs/js/
9 KB
4 KB
Script
General
Full URL
https://xszj.org/static/81xs/js/common.js
Requested by
Host: xszj.org
URL: https://xszj.org/b/65238/c/21088231
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:de86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37087a15de432fa171f5c79506b0b2df114c3f0ed07ec48e4f224917a28fc210

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xszj.org/b/65238/c/21088231

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
age
61344
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5BfHqWYVjJUXImXNqfAP9%2Bvd9niVYjaAueP20WbS1T20PnORwdzkdTkNygAPAJ%2BNc%2BL1cA%2FpUNCYA4ofh4xhWhQ%2Fb5T%2B21M9VQwnpZUOqNURkJkA8SIZvJ9m6SRsLU0UhIyv5u6sBA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ecdfae1fab8d9dc-FRA
expires
Thu, 28 Nov 2024 10:51:03 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=6919&min_rtt=6175&rtt_var=814&sent=41&recv=27&lost=0&retrans=0&sent_bytes=22186&recv_bytes=2843&delivery_rate=1973893&cwnd=257&unsent_bytes=0&cid=bd4112dea2a7bd27&ts=365&x=0"
date
Wed, 04 Dec 2024 18:50:04 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
last-modified
Sun, 08 May 2022 06:36:05 GMT
m.js
xszj.org/
358 B
778 B
Script
General
Full URL
https://xszj.org/m.js
Requested by
Host: xszj.org
URL: https://xszj.org/b/65238/c/21088231
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:de86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05dad7aca30a620d69b9399e6aaf14bee42ff242c9352d0191c90cf74405e100

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xszj.org/b/65238/c/21088231

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"67348a91-166"
age
2254
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=afFEeC%2F5sCkbnQWF7uanTf54EmWh4%2FOzeyWmCWhU2BCEdkXwRiLkXTJ6z1EAfVuM%2BmTwEruqpm%2FZESU0tMTWrOIAwVG3vmZjFTnVUBuEzLBR5wjw7KwqDYO4xRg9%2FYMLw9ykgpWYkg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 04 Dec 2024 23:56:00 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=6891&min_rtt=6175&rtt_var=545&sent=46&recv=30&lost=0&retrans=0&sent_bytes=25993&recv_bytes=2843&delivery_rate=1984799&cwnd=257&unsent_bytes=0&cid=bd4112dea2a7bd27&ts=371&x=0"
date
Wed, 04 Dec 2024 18:50:04 GMT
content-type
application/javascript
last-modified
Wed, 13 Nov 2024 11:16:33 GMT
vary
Accept-Encoding
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ecdfae1fabad9dc-FRA
server
cloudflare
g.js
xszj.org/static/81xs/71681a51/
0
521 B
Script
General
Full URL
https://xszj.org/static/81xs/71681a51/g.js
Requested by
Host: xszj.org
URL: https://xszj.org/b/65238/c/21088231
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:de86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xszj.org/b/65238/c/21088231

Response headers

cf-bgj
minify
cf-cache-status
HIT
age
1736200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P%2FasfBfuLZPXL1W30SW0UqraUi6raVO9TKLehDu4PFUHq0xidGb%2Fe3R3v5ajRkvWWZa5H%2FzXGg5omLYQ0fNj11miQhSPnO%2FWXeISe%2B5%2FnZ8Pred9Lhl3Q5ykRSMNN9cEMLZGjNc1PQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Tue, 22 Oct 2024 01:50:58 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=7196&min_rtt=6246&rtt_var=2035&sent=36&recv=21&lost=0&retrans=0&sent_bytes=19559&recv_bytes=2843&delivery_rate=1202224&cwnd=257&unsent_bytes=0&cid=bd4112dea2a7bd27&ts=360&x=0"
date
Wed, 04 Dec 2024 18:50:04 GMT
content-type
application/javascript
last-modified
Mon, 26 Jun 2023 01:00:29 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ecdfae1fabbd9dc-FRA
accept-ranges
bytes
content-length
0
server
cloudflare
readpage.js
xszj.org/static/81xs/js/
5 KB
2 KB
Script
General
Full URL
https://xszj.org/static/81xs/js/readpage.js
Requested by
Host: xszj.org
URL: https://xszj.org/b/65238/c/21088231
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:de86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3fd02716b0a522000b6fee770adeb999c09fb430750316f2fe7c85cb626f831

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xszj.org/b/65238/c/21088231

Response headers

content-encoding
zstd
cf-bgj
minify
cf-cache-status
HIT
age
1736200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IIOEp5ZC7f8%2BiFUnqAx1qNkuf7B81SWYwBuapct%2BFZpAhqUOb3bVC%2BdkraqYDgpO3fjsjQyZWR0s6GiVLzMBNgEJNKWUyxgVe7eDULEv2h%2F48Dz3fLSodIFw0cP2dkyGYJ2ICD95WQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 16 Oct 2024 17:38:20 GMT
cf-polished
origSize=8259
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=7196&min_rtt=6246&rtt_var=2035&sent=29&recv=21&lost=0&retrans=0&sent_bytes=15165&recv_bytes=2843&delivery_rate=1202224&cwnd=257&unsent_bytes=0&cid=bd4112dea2a7bd27&ts=358&x=0"
date
Wed, 04 Dec 2024 18:50:04 GMT
content-type
application/javascript
last-modified
Sun, 08 May 2022 06:36:05 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ecdfae1fabed9dc-FRA
server
cloudflare
tempbookcase.js
xszj.org/static/81xs/js/
4 KB
2 KB
Script
General
Full URL
https://xszj.org/static/81xs/js/tempbookcase.js
Requested by
Host: xszj.org
URL: https://xszj.org/b/65238/c/21088231
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:de86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc2c1193d338279750b6056cbbe0a95de509eff131252f1c30c602ebf7ada17e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xszj.org/b/65238/c/21088231

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
age
2551091
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cDorUk7ilNORpfXT54UeUOIUYWgCarb2mCX1stWlc8ROK6FVrKRpqtYeGr15jA5iVUzBffV%2BlEQwpPHT1EMjRPJv4IXFYwr%2BQPp8rPdU2Un1I6hBTbza9UKFZVnM7gwKSi9s4FZ51g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ecdfae1fac1d9dc-FRA
expires
Tue, 05 Nov 2024 02:24:37 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=7196&min_rtt=6246&rtt_var=2035&sent=37&recv=21&lost=0&retrans=0&sent_bytes=20102&recv_bytes=2843&delivery_rate=1202224&cwnd=257&unsent_bytes=0&cid=bd4112dea2a7bd27&ts=362&x=0"
date
Wed, 04 Dec 2024 18:50:04 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
last-modified
Sun, 08 May 2022 06:36:05 GMT
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/
19 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: xszj.org
URL: https://xszj.org/b/65238/c/21088231
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://xszj.org
Referer
https://xszj.org/

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8ecdfae22f6bd351-FRA
access-control-allow-origin
*
date
Wed, 04 Dec 2024 18:50:04 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
default.png
xszj.org/static/81xs/img/
22 KB
22 KB
Image
General
Full URL
https://xszj.org/static/81xs/img/default.png
Requested by
Host: xszj.org
URL: https://xszj.org/static/81xs/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccb35e05c8f7b3632367f42cb9f113d32fb14dbdc447206df295cc320bfd4cca

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xszj.org/static/81xs/css/style.css

Response headers

cf-cache-status
HIT
age
1727960
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DLy6pVkGnoXWObSqlAkEDOklWbKZbRPgVEmynWU%2FR0iwhbbnvQXL3X3rnCdWgLlsiirPPnGckeqy4lUojWXPuVijre9lsiacT9HEcnsPxg5uHyxKVsdVCYK0sQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 15 Nov 2024 16:56:50 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7694&min_rtt=6566&rtt_var=3236&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4286&recv_bytes=4421&delivery_rate=1867&cwnd=12000&unsent_bytes=0&cid=845013ca79b212cf&ts=47&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 04 Dec 2024 18:50:04 GMT
content-type
image/png
last-modified
Sun, 08 May 2022 06:36:05 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ecdfae22cf8d9d8-FRA
accept-ranges
bytes
content-length
22123
server
cloudflare
slotcar_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411190101/
90 KB
31 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411190101/slotcar_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9179307614313355
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ac808fa6bd0b694b4b9ea1fd5cc7774c6d896a71e802c5936b13712efc19f547
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xszj.org/

Response headers

content-encoding
br
etag
17548852256405538886
age
78535
x-content-type-options
nosniff
expires
Tue, 17 Dec 2024 21:01:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 03 Dec 2024 21:01:09 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
31863
x-xss-protection
0
server
cafe
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411190101/
434 KB
144 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9179307614313355&plah=xszj.org
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9179307614313355
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
112b0def8865db56f3f77018111aa725c143f217cd119a7804e35ed2ffb8403c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xszj.org/

Response headers

content-encoding
br
etag
14197119489539146592
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 18:50:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 04 Dec 2024 18:50:04 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
147685
x-xss-protection
0
server
cafe
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-8NZTY4Z9E0&gtm=45je4bk0v9116730604za200&_p=1733338204490&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485&cid=1250536639.1733338205&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1733338204&sct=1&seg=0&dl=https%3A%2F%2Fxszj.org%2Fb%2F65238%2Fc%2F21088231&dt=%E7%AC%AC%E4%B9%9D%E5%8D%81%E4%B8%83%E7%AB%A0%20%E8%BA%AB%E4%BD%93%E6%A3%80%E6%9F%A5-%E5%8F%98%E8%BA%AB%E4%BA%8C%E6%AC%A1%E5%85%83%E4%BE%BF%E5%BD%93%E5%B0%91%E5%A5%B3%E7%AC%AC304%E7%AB%A0(1%2F3)-%E5%B0%8F%E8%AF%B4%E4%B9%8B%E5%AE%B6&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=490
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8NZTY4Z9E0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xszj.org/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://xszj.org
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 18:50:04 GMT
content-type
text/plain
server
Golfe2
ca-pub-9179307614313355
fundingchoicesmessages.google.com/i/
196 KB
65 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-9179307614313355?href=https%3A%2F%2Fxszj.org%2Fb%2F65238%2Fc%2F21088231&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9179307614313355&plah=xszj.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
43f969295c1d9cbc0c1c0975a5cedd6819287a543f1369ff93c7273def9ba4a2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7vnOSWx1gsuuNXwodbniFQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xszj.org/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 18:50:04 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw0ZBikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxDPOX2ZdAMRFEldYG4CY4esVVg4gFuLhuHPi0C42gRW3nj5kUtJIyi-MT87PKynKTCotyS9KS05LLU4tKkstijcyMDIxNDIw1jMwiy8wAAAML0GW"
content-security-policy
script-src 'report-sample' 'nonce-7vnOSWx1gsuuNXwodbniFQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
ping
pagead2.googlesyndication.com/pagead/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9179307614313355
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://xszj.org/

Response headers

AGSKWxVgrZpFRn3-CrwWyV1WnGjZhLf3JjDhoGsqOl3iuSseMarS_OYe_XvXLrI8UxxRZE3V3eqeozfaRHqjm6eghCiU59qms9_XQsxiQlUL964NMuRtPoK2ZaSTavKFj0aGHJ0lv3kQBg==
fundingchoicesmessages.google.com/f/
393 KB
63 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVgrZpFRn3-CrwWyV1WnGjZhLf3JjDhoGsqOl3iuSseMarS_OYe_XvXLrI8UxxRZE3V3eqeozfaRHqjm6eghCiU59qms9_XQsxiQlUL964NMuRtPoK2ZaSTavKFj0aGHJ0lv3kQBg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMzMzM4MjA0LDgyOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly94c3pqLm9yZy9iLzY1MjM4L2MvMjEwODgyMzEiLG51bGwsW1s4LCJiekpWckx6ZjFRMCJdLFs5LCJkZSJdLFsxOSwiMSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.bzJVrLzf1Q0.es5.O/am=DAY/d=1/rs=AJlcJMxV43V490k6pGY1UOg_nWBE8Z110A/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1bb54ebecc4ce7260269b73b4bda658ae795e39c3f73d9f131aa4d02b836f545
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-AU9x-cOj9LcvMeZd-BIN_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xszj.org/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 18:50:04 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw05BikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYeO15VkcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxDPOX2ZdAMRFEldYG4CY4esVVg4gFuLhuHPi0C42gQ83zx9nVtJIyi-MT87PKynKTCotyS9KS05LLU4tKkstijcyMDIxNDIw1jMwiy8wAAAYIkG6"
content-security-policy
script-src 'report-sample' 'nonce-AU9x-cOj9LcvMeZd-BIN_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/
114 KB
6 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans_old:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto_old:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.bzJVrLzf1Q0.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzMdiUbEzAQW2mNL1hr_fZAIiF3Aw/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
41fd5a9efea51b6c6345afd1c34a99c4ad7f2f0407171bdf4de08e10a050355f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xszj.org/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 18:50:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 18:50:05 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 04 Dec 2024 18:50:05 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: xszj.org
URL: https://xszj.org/b/65238/c/21088231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://xszj.org
Referer
https://xszj.org/

Response headers

age
77515
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 03 Dec 2025 21:18:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 21:18:10 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
AGSKWxX8h4ISlVxhg3tZxrivNhTmrz8dlJE6cXPN0N8bPPY0zWvEYnkjIw09DA6YaMpFLrU7O8Fcy_TiHDiJi6v9aqzISDO0eTvAb3k8t_wxqGSxUhkRa4g5ZT-uuGM4KFccIBf2Hc-z5Q==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX8h4ISlVxhg3tZxrivNhTmrz8dlJE6cXPN0N8bPPY0zWvEYnkjIw09DA6YaMpFLrU7O8Fcy_TiHDiJi6v9aqzISDO0eTvAb3k8t_wxqGSxUhkRa4g5ZT-uuGM4KFccIBf2Hc-z5Q==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.bzJVrLzf1Q0.es5.O/am=DAY/d=1/rs=AJlcJMxV43V490k6pGY1UOg_nWBE8Z110A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-umIO7qZLmNVasSNEPaS74Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://xszj.org/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 18:50:05 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0ZBicEqfwRoAxAxfr7ByALEQN8fdE4d2sQl03F0soeSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDI0MjPUMzOMLDADz-iXU"
content-security-policy
script-src 'report-sample' 'nonce-umIO7qZLmNVasSNEPaS74Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://xszj.org
content-length
0
x-xss-protection
0
server
ESF
AGSKWxX8h4ISlVxhg3tZxrivNhTmrz8dlJE6cXPN0N8bPPY0zWvEYnkjIw09DA6YaMpFLrU7O8Fcy_TiHDiJi6v9aqzISDO0eTvAb3k8t_wxqGSxUhkRa4g5ZT-uuGM4KFccIBf2Hc-z5Q==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX8h4ISlVxhg3tZxrivNhTmrz8dlJE6cXPN0N8bPPY0zWvEYnkjIw09DA6YaMpFLrU7O8Fcy_TiHDiJi6v9aqzISDO0eTvAb3k8t_wxqGSxUhkRa4g5ZT-uuGM4KFccIBf2Hc-z5Q==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.bzJVrLzf1Q0.es5.O/am=DAY/d=1/rs=AJlcJMxV43V490k6pGY1UOg_nWBE8Z110A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QNg-R66-hTgQXNHTDuXjAA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://xszj.org/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 18:50:05 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw1pBicEqfwRoAxAxfr7ByALEQN8fdE4d2sQn8mHBGQsklKb8wPjk_ryQ1r0Q3MaVYF8QuykwqLckvQmGnloFU5OSnp2fmpccbGRiZGBoZGOsZmMcXGAAACZUmHw"
content-security-policy
script-src 'report-sample' 'nonce-QNg-R66-hTgQXNHTDuXjAA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://xszj.org
content-length
0
x-xss-protection
0
server
ESF
main.js
xszj.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/ Frame E9BF
Redirect Chain
  • https://xszj.org/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://xszj.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?
9 KB
5 KB
Script
General
Full URL
https://xszj.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?
Protocol
H3
Server
172.67.222.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b8aeca5fb6d3563e4acd1ac717b2e93c73a24013c66df6a5a450a6a072efb4d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2nHU0JOkizxrucBEI%2B6ofltxZ0q4YpshnI%2FN%2FnQk3fDSzMVXkdtCgod7VyA%2F1s3cPYM43dpdj3F8vKuXmzWXCYqemvaEmW8FWkq0tOsOyf0llbcIMqa2jvdVsw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8ecdfaea9873d9d8-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7126&min_rtt=6404&rtt_var=734&sent=38&recv=24&lost=0&retrans=0&sent_bytes=28579&recv_bytes=7738&delivery_rate=56532&cwnd=24000&unsent_bytes=0&cid=845013ca79b212cf&ts=1386&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 04 Dec 2024 18:50:05 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mNK%2B137epr4JkCDkUqcAD9yxxn7lJP6mOaXaysb5N7W9pAfTug9SAtYoAnz%2FUP6CpcIEKM2h5%2FcDYK%2BxeUuDQB8HQKs4HwvMwf%2BjNJ0CIhb69fRrErd3A0sutg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ecdfaea7846d9d8-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfL4;desc="?proto=QUIC&rtt=6973&min_rtt=6404&rtt_var=570&sent=33&recv=20&lost=0&retrans=0&sent_bytes=27632&recv_bytes=5182&delivery_rate=1768059&cwnd=24000&unsent_bytes=0&cid=845013ca79b212cf&ts=1373&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 04 Dec 2024 18:50:05 GMT
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
rum
xszj.org/cdn-cgi/
0
136 B
XHR
General
Full URL
https://xszj.org/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://xszj.org/b/65238/c/21088231

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
cf-ray
8ecdfaea8856d9d8-FRA
access-control-allow-origin
https://xszj.org
date
Wed, 04 Dec 2024 18:50:05 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
8ecdfadfdd1ad9dc
xszj.org/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame E9BF
0
1 KB
XHR
General
Full URL
https://xszj.org/cdn-cgi/challenge-platform/h/b/jsd/r/8ecdfadfdd1ad9dc
Requested by
Host: xszj.org
URL: https://xszj.org/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AJf7u%2BO7W6gtr2u%2BgbNpz2vdE17L8Wa8evlPDfAFb%2BQYXEaDFYS96QryzPmj%2Fh9Lwtya%2BJRPCyGXgpoj4KsWs9SbOYrR3cpB1N1%2B7b%2FRQApH9uh4RajeVMCliQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ecdfaeaf96ed9d8-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6947&min_rtt=6404&rtt_var=574&sent=50&recv=43&lost=0&retrans=0&sent_bytes=33743&recv_bytes=25511&delivery_rate=395203&cwnd=24000&unsent_bytes=0&cid=845013ca79b212cf&ts=1455&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
0
date
Wed, 04 Dec 2024 18:50:05 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
priority
u=1,i
favicon.ico
xszj.org/
4 KB
2 KB
Other
General
Full URL
https://xszj.org/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02024f9c9f86890bf2e6bdfab810f2ee65c855e750f4bb757a3f9ce61d14675a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xszj.org/b/65238/c/21088231

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
age
2819
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hSfqmZLgXDfaUiyLqZecJ%2BmFPc88JUDuruGF0R0Qk6jy6YJ5vx1CQ%2BDdm1RleSaaRDDn2%2F29Yh1FF4bojn7mUzAUs5VuciD7248aicgGptaNALlRVXUnaHqKEg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ecdfaeaf974d9d8-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6947&min_rtt=6404&rtt_var=574&sent=51&recv=43&lost=0&retrans=0&sent_bytes=34918&recv_bytes=25511&delivery_rate=395203&cwnd=24000&unsent_bytes=0&cid=845013ca79b212cf&ts=1456&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 04 Dec 2024 18:50:05 GMT
content-type
image/x-icon
last-modified
Mon, 09 May 2022 09:14:43 GMT
vary
Accept-Encoding
priority
u=1,i

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 string| sflag function| t function| b function| b2 function| loadJ function| sendAjax object| adsbygoogle function| gtag object| dataLayer object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| google_llp object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager object| googletag function| onYouTubeIframeAPIReady object| gaGlobal function| AFMA_AddEventListener function| AFMA_RemoveEventListener function| AFMA_AddObserver function| AFMA_RemoveObserver function| AFMA_ReceiveMessage function| AFMA_SendMessage object| AFMA_Communicator function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run object| googPageScrollPreventerInfo boolean| googFloatingToolbarManagerAsyncPositionUpdate object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| ZmI1NzViMTIxZjM3MTE2ZGxvYWRlcl9qcw== string| ZmI1NzViMTIxZjM3MTE2ZGNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady function| $ function| jQuery function| imglazy function| is_mobile function| setCookies function| readCookies function| gotop function| zzping function| tongji function| isMobileNew string| language string| host object| jQuery191012487022217036525 object| ReadSet function| LoadReadSet function| utf16to8 function| utf8to16 string| base64EncodeChars object| base64DecodeChars function| base64encode function| base64decode function| str_decode function| str_encode function| LastRead function| removebook function| removeall function| showtempbooks object| lastread object| __cfBeacon

3 Cookies

Domain/Path Name / Value
.xszj.org/ Name: _ga_8NZTY4Z9E0
Value: GS1.1.1733338204.1.0.1733338204.0.0.0
.xszj.org/ Name: _ga
Value: GA1.1.1250536639.1733338205
.xszj.org/ Name: cf_clearance
Value: AmtDNOyJOr8Z3UAaLJIhS1YoxL.ViZnG1h5IrwDyK6c-1733338205-1.2.1.1-bXrXRkTxokrGL3cA.NpJvSTcMJrs4.bshAFuxEfOhCzvDhEpW2RhsK8GBN32D7q199KhLE36Ozqc4FTnF6rp1i7uc0qN.XgI9GmBmUis2KjTzgLjDSvgL1POGrxwN_1x2t_4eLs7Cg6GvAJvL.I40lWUuatytdMFsN9aM20xMsvVofH00f69dgUlt4BIWtIEzGoKAnS9F_lwWkXuraj1QTyD46MqbJqfWcATr8xLxhkrsOMvdUJwafUZiSpV2gvx8e7TTyNQbkAiNYkBLq75XuKAoj2ppity8GgdJ6n25Ui4SCPsG7C_Z.NYgL.GrptRnpl65VegSr95WLbWU1urA6MYESdDm89c4pS_kmiqaZq5RQ87st.y8l1rzcnJuZs0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
lf3-cdn-tos.bytecdntp.com
pagead2.googlesyndication.com
region1.google-analytics.com
static.cloudflareinsights.com
www.googletagmanager.com
xszj.org
142.250.185.226
142.250.186.35
172.67.222.134
2001:4860:4802:32::36
216.58.206.46
2404:2280:1cc:0:3::a
2606:4700:3034::ac43:de86
2606:4700::6810:5049
2a00:1450:4001:81c::200e
2a00:1450:4001:81d::2008
2a00:1450:4001:81d::200a
02024f9c9f86890bf2e6bdfab810f2ee65c855e750f4bb757a3f9ce61d14675a
05dad7aca30a620d69b9399e6aaf14bee42ff242c9352d0191c90cf74405e100
112b0def8865db56f3f77018111aa725c143f217cd119a7804e35ed2ffb8403c
1bb54ebecc4ce7260269b73b4bda658ae795e39c3f73d9f131aa4d02b836f545
37087a15de432fa171f5c79506b0b2df114c3f0ed07ec48e4f224917a28fc210
3b95b9538cea1e14a99e73e10b339e8a484c8de51fbf3edf1955220e99afb8dd
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
41fd5a9efea51b6c6345afd1c34a99c4ad7f2f0407171bdf4de08e10a050355f
43f969295c1d9cbc0c1c0975a5cedd6819287a543f1369ff93c7273def9ba4a2
4b937c8ac9853e629b92f4c4a681364daadedd4f9a87912638b3ad749c116582
55590651a23eb6236e71e30f39197db02a891c5c167726bd5fb856182fbc893b
88d290df0dc7cd5512e4dffb98980bd4fb73c60bab1d53528f262943c1235288
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
9b8aeca5fb6d3563e4acd1ac717b2e93c73a24013c66df6a5a450a6a072efb4d
ac808fa6bd0b694b4b9ea1fd5cc7774c6d896a71e802c5936b13712efc19f547
bc2c1193d338279750b6056cbbe0a95de509eff131252f1c30c602ebf7ada17e
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c3fd02716b0a522000b6fee770adeb999c09fb430750316f2fe7c85cb626f831
ccb35e05c8f7b3632367f42cb9f113d32fb14dbdc447206df295cc320bfd4cca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e548643b28c953753647e6f5de1373698c1e0e7ef38c262d8bff04b4d4e1f67d