URL: https://poop.thegalleryofart.org/
Submission: On December 15 via api from US — Scanned from IT

Summary

This website contacted 19 IPs in 4 countries across 18 domains to perform 60 HTTP transactions. The main IP is 172.67.204.156, located in United States and belongs to CLOUDFLARENET, US. The main domain is poop.thegalleryofart.org.
TLS certificate: Issued by WE1 on October 27th 2024. Valid for: 3 months.
This is the only time poop.thegalleryofart.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 172.67.204.156 13335 (CLOUDFLAR...)
3 142.250.186.66 15169 (GOOGLE)
1 104.18.187.31 13335 (CLOUDFLAR...)
1 172.217.18.104 15169 (GOOGLE)
3 142.250.186.74 15169 (GOOGLE)
5 142.250.185.195 15169 (GOOGLE)
6 172.67.139.119 13335 (CLOUDFLAR...)
2 142.250.184.226 15169 (GOOGLE)
9 192.243.61.227 39572 (ADVANCEDH...)
2 142.250.184.238 15169 (GOOGLE)
1 185.196.197.71 39572 (ADVANCEDH...)
1 18.185.237.16 16509 (AMAZON-02)
1 142.250.186.130 15169 (GOOGLE)
1 192.243.59.20 39572 (ADVANCEDH...)
2 142.250.74.193 15169 (GOOGLE)
1 172.67.208.42 13335 (CLOUDFLAR...)
1 142.250.184.196 15169 (GOOGLE)
6 188.114.96.9 13335 (CLOUDFLAR...)
60 19
Apex Domain | Subdomains | Transfer
13 thegalleryofart.org | poop.thegalleryofart.org | 238 KB
8 haychalk.com | haychalk.com | 13 KB
6 creative-stat1.com | cdn.creative-stat1.com — Cisco Umbrella Rank: 24666 | 23 KB
6 fontawesome.com | ka-f.fontawesome.com — Cisco Umbrella Rank: 6059 | 185 KB
5 gstatic.com | fonts.gstatic.com | 110 KB
3 adtrafficquality.google | ep1.adtrafficquality.google — Cisco Umbrella Rank: 389; ep2.adtrafficquality.google — Cisco Umbrella Rank: 403 | 20 KB
3 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 29 | 3 KB
3 googlesyndication.com | pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 | 198 KB
2 google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 36 |
2 doubleclick.net | googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 |
1 google.com | www.google.com — Cisco Umbrella Rank: 3 |
1 show-creative1.com | cdn.show-creative1.com — Cisco Umbrella Rank: 87154 | 2 KB
1 unseenreport.com | unseenreport.com — Cisco Umbrella Rank: 18530 | 512 B
1 proftrafficcounter.com | proftrafficcounter.com — Cisco Umbrella Rank: 15519 | 306 B
1 recordedthereby.com | recordedthereby.com — Cisco Umbrella Rank: 15926 | 84 KB
1 flatjeep.com | flatjeep.com — Cisco Umbrella Rank: 79486 | 14 KB
1 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 39 | 108 KB
1 jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 318 | 7 KB
60 18
Domain | Requested by
13 poop.thegalleryofart.org | poop.thegalleryofart.org
8 haychalk.com | flatjeep.com
6 cdn.creative-stat1.com | flatjeep.com
6 ka-f.fontawesome.com | poop.thegalleryofart.org
5 fonts.gstatic.com | fonts.googleapis.com
3 fonts.googleapis.com | poop.thegalleryofart.org, flatjeep.com
3 pagead2.googlesyndication.com | poop.thegalleryofart.org, pagead2.googlesyndication.com
2 ep2.adtrafficquality.google | pagead2.googlesyndication.com, ep2.adtrafficquality.google
2 www.google-analytics.com | www.googletagmanager.com
2 googleads.g.doubleclick.net | pagead2.googlesyndication.com
1 www.google.com | ep2.adtrafficquality.google
1 cdn.show-creative1.com | flatjeep.com
1 unseenreport.com |
1 ep1.adtrafficquality.google | pagead2.googlesyndication.com
1 proftrafficcounter.com | flatjeep.com
1 recordedthereby.com | flatjeep.com
1 flatjeep.com | poop.thegalleryofart.org
1 www.googletagmanager.com | poop.thegalleryofart.org
1 cdn.jsdelivr.net | poop.thegalleryofart.org
60 19

This site contains no links.

Subject | Issuer | Validity | Valid
thegalleryofart.org | WE1 | 2024-10-27 - 2025-01-25 | 3 months
*.g.doubleclick.net | WR2 | 2024-11-04 - 2025-01-27 | 3 months
*.jsdelivr.net | Sectigo RSA Domain Validation Secure Server CA | 2024-05-04 - 2025-05-04 | a year
*.google-analytics.com | WR2 | 2024-11-04 - 2025-01-27 | 3 months
upload.video.google.com | WR2 | 2024-11-04 - 2025-01-27 | 3 months
*.gstatic.com | WR2 | 2024-11-04 - 2025-01-27 | 3 months
ka-f.fontawesome.com | WE1 | 2024-10-27 - 2025-01-25 | 3 months
flatjeep.com | R11 | 2024-12-10 - 2025-03-10 | 3 months
recordedthereby.com | R10 | 2024-11-06 - 2025-02-04 | 3 months
proftrafficcounter.com | Amazon RSA 2048 M02 | 2024-10-21 - 2025-11-20 | a year
adtrafficquality.google | WR2 | 2024-11-04 - 2025-01-27 | 3 months
*.unseenreport.com | R10 | 2024-11-18 - 2025-02-16 | 3 months
haychalk.com | R10 | 2024-12-13 - 2025-03-13 | 3 months
show-creative1.com | WE1 | 2024-10-18 - 2025-01-16 | 3 months
www.google.com | WR2 | 2024-11-04 - 2025-01-27 | 3 months
creative-stat1.com | WE1 | 2024-10-18 - 2025-01-16 | 3 months

This page contains 6 frames:

Primary Page: https://poop.thegalleryofart.org/
Frame ID: 349E7CC3496877700DDC89048F1B1405
Requests: 49 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html
Frame ID: DAA1E79CB10E0B0F367B0309E3479BB5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6840529569014734&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1730523536&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_l%7C500x675_r&format=0x0&url=https%3A%2F%2Fpoop.thegalleryofart.org%2F&pra=5&wgl=1&aihb=0&aiof=3&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1734291725594&bpp=2&bdt=647&idt=1726&shv=r20241212&mjsv=m202412090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=1850446271756&frm=20&pv=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95348683%2C31089340%2C95332590%2C95345967&oid=2&pvsid=2761262113529123&tmod=131718971&uas=0&nvt=1&fsapi=1&fc=1920&brdim=60%2C60%2C60%2C60%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=1743
Frame ID: BEBEBE50575DAF6E4E60C3A89112EA55
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 1148694D93DB3774C1749E1770866309
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 25F3D3D3954CB7B36EF0F099C9D35656
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Merriweather:wght@400;700&family=Roboto:wght@300;400;500;700;900&display=swap
Frame ID: 092372F00F926C76734B8822BE93F74F
Requests: 7 HTTP requests in this frame

Page Title

(1) New Message!

Detected technologies

Overall confidence: 100%
Detected patterns
  • <div id="particles-js">
  • /particles(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

60 Requests
98 % HTTPS
0 % IPv6
18 Domains
19 Subdomains
19 IPs
4 Countries
1005 kB Transfer
3159 kB Size
14 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

60 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
poop.thegalleryofart.org/
2 KB
2 KB
Document
General
Full URL
https://poop.thegalleryofart.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.204.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1583957a04d599a02b2a81644f47153a667b6bc821215bfcbc1cd0422d3bcae8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f28ea2d7fe5dc5a-FRA
content-encoding
zstd
content-type
text/html; charset=utf-8
date
Sun, 15 Dec 2024 19:42:04 GMT
last-modified
Sat, 02 Nov 2024 04:58:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y9IBUuPUz%2FNCwRK5IpZsAHDEHq4jx7X%2F1vQtqg2Djt1u%2FKd6sSwTaoyqWu32BAbXFbeqUVNS2bSuClVPby8nZI16FBfYPqjrzbMYBbbZ5Shwt4Rg2SqxpUR9iGMzow4QrzQiUYMOz2ppI80%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=17091&min_rtt=15659&rtt_var=5570&sent=8&recv=9&lost=0&retrans=0&sent_bytes=4029&recv_bytes=2300&delivery_rate=246759&cwnd=253&unsent_bytes=0&cid=fb0249d9740291d3&ts=603&x=0"
vary
Accept-Encoding
global.css
poop.thegalleryofart.org/assets/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://poop.thegalleryofart.org/assets/css/global.css?v=6
Requested by
Host: poop.thegalleryofart.org
URL: https://poop.thegalleryofart.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.204.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2605547a547e85feafd41ddfa7311354c6c70d5aa5b7e84897940775d0a74a07

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"d3k73ucgvcb821z"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5sJ7ITiEe63jmpgZcjzjtJaf06WsiGDgH%2F%2BrVZd7lry0kdQWe5VIhkdNXCw8CaQ2SCjZoeeejZKxgsEDBbWdGrJ%2FxH3szGOeLQEmCWb7kUeRpbBRlZaanS5QbzilXOrA5PxZiSSZUpmpKQs%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f28ea311be5dc5a-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=18407&min_rtt=12401&rtt_var=5394&sent=23&recv=15&lost=0&retrans=0&sent_bytes=8988&recv_bytes=2961&delivery_rate=361307&cwnd=257&unsent_bytes=0&cid=fb0249d9740291d3&ts=1180&x=0"
date
Sun, 15 Dec 2024 19:42:05 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 19 Aug 2024 21:11:13 GMT
vary
Accept-Encoding
server
cloudflare
h.css
poop.thegalleryofart.org/assets/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://poop.thegalleryofart.org/assets/css/h.css?v=01
Requested by
Host: poop.thegalleryofart.org
URL: https://poop.thegalleryofart.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.204.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
321102f8bc99fb0427e333eded2188c275754f1274173dcdca31f70a462d091d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"d4lnp92aqn3n1i5"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yfzhh7lVGr221PadN%2FmYbEdvuLIpu1RdxUnQehPhCtywbMY2rsGpXQ5sK4wP9TcznM4hUkvOvenadMPXlPr0Zn%2BEqQedXHEsV4VttJxfG4kW8MYla83Tm2TxZkMpvRof%2FwRFVaHCdeU6iWE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f28ea311be8dc5a-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=18783&min_rtt=15659&rtt_var=6066&sent=14&recv=13&lost=0&retrans=0&sent_bytes=5705&recv_bytes=2961&delivery_rate=246759&cwnd=257&unsent_bytes=0&cid=fb0249d9740291d3&ts=1157&x=0"
date
Sun, 15 Dec 2024 19:42:05 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 02 Oct 2024 22:00:07 GMT
vary
Accept-Encoding
server
cloudflare
nav.css
poop.thegalleryofart.org/assets/css/
3 KB
2 KB
Stylesheet
General
Full URL
https://poop.thegalleryofart.org/assets/css/nav.css?v=01
Requested by
Host: poop.thegalleryofart.org
URL: https://poop.thegalleryofart.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.204.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32694d8344058312ce866dd3be6e01107fb11371588e84be274383c1ac7a3e63

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"d4l3w8ksdm0a2l1"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rReA4hiECwI%2BjpFbnMxadIw6EZHebI%2FLioH1cCKn0xQr2RZDKhdx0KiFR90IPID7sRDA94WxorC3bM55t2cv6zb7Oj1etaKaTxmWx%2BpPIqhWN1c40uunvUpAGtfJlDgJDH7wNmmsK11fjVM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f28ea311becdc5a-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=18407&min_rtt=12401&rtt_var=5394&sent=26&recv=15&lost=0&retrans=0&sent_bytes=10578&recv_bytes=2961&delivery_rate=361307&cwnd=257&unsent_bytes=0&cid=fb0249d9740291d3&ts=1183&x=0"
date
Sun, 15 Dec 2024 19:42:05 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 02 Oct 2024 06:28:52 GMT
vary
Accept-Encoding
server
cloudflare
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
53 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6840529569014734
Requested by
Host: poop.thegalleryofart.org
URL: https://poop.thegalleryofart.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
b9415e01da7bdaeaaae61b16e8116a2cd2a4c8264ea399a1323fad66aec1adf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://poop.thegalleryofart.org
Referer

Response headers

content-encoding
br
etag
16431863507254918844
x-content-type-options
nosniff
expires
Sun, 15 Dec 2024 19:42:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 15 Dec 2024 19:42:05 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53275
x-xss-protection
0
server
cafe
/
cdn.jsdelivr.net/particles.js/2.0.0/
23 KB
7 KB
Script
General
Full URL
https://cdn.jsdelivr.net/particles.js/2.0.0/
Requested by
Host: poop.thegalleryofart.org
URL: https://poop.thegalleryofart.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.187.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
faee7815a5fd27e938d1e01c8392b66332024908eb118048f608eee671371df6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"5b44-gBf4sYaQd9tyhXPxykaEoAr2lGI"
age
19289314
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Aqa3UQuwDmrSd2ZU8udRpw18Nlb%2F8o7dnIwbTFOb1g0eQ4ByIJIry9v%2BW3%2BVIxBzFg1jYm32tbOVDSs6oQDGVqQnWNRCA5ImV2ZHsHod8gddMXe5DICq0XwJercqUBY67qk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
date
Sun, 15 Dec 2024 19:42:05 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220098-FRA, cache-lga21939-LGA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8f28ea343d7f4d3a-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
6363
server
cloudflare
i.js
poop.thegalleryofart.org/assets/js/
1 KB
1 KB
Script
General
Full URL
https://poop.thegalleryofart.org/assets/js/i.js?v=02
Requested by
Host: poop.thegalleryofart.org
URL: https://poop.thegalleryofart.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.204.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a25daa9a66b774ba50abf4bb7835f7f55c2e7de18241d8f49130a6f5a2c078f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"d4llaq9ix6at157"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tv6rHAmh3wCHEIPqD7x6RsAPwVsAM35AR1Nq9BvMqkQJ7%2FVsASluIRY7TBNfteJ%2Bg3MmMWGdxWhLVffSy3UMJY1F0rpy0Ogavz2fu%2FCOr9vO8OX%2B1Bfvh9zMphhGKsEI8uQCYM9vYoKy5f4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f28ea311beddc5a-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=18783&min_rtt=15659&rtt_var=6066&sent=17&recv=13&lost=0&retrans=0&sent_bytes=7037&recv_bytes=2961&delivery_rate=246759&cwnd=257&unsent_bytes=0&cid=fb0249d9740291d3&ts=1165&x=0"
date
Sun, 15 Dec 2024 19:42:05 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 02 Oct 2024 20:07:06 GMT
vary
Accept-Encoding
server
cloudflare
home.js
poop.thegalleryofart.org/assets/js/
5 KB
2 KB
Script
General
Full URL
https://poop.thegalleryofart.org/assets/js/home.js?v=00
Requested by
Host: poop.thegalleryofart.org
URL: https://poop.thegalleryofart.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.204.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddc9091e20ba7ca9c15355902f8283ddb548de03ed6fdb4976691ab6ca0e026b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"d5bfe9hu1ohf49i"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ewkq4%2FR63rnVtnvqTbuhIuQdTA%2F%2BkWJOERd9UY5favxh%2FgkvCLAA%2B%2BWLruMFhcD3afnIrZGq4Y37g2o2MlJl4YrIz84ZavOd7w50RWdaKn4JF5QfFfCODyw2q2MJKpK9uPjm6ISBGx%2FkWjo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f28ea311bf3dc5a-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=18407&min_rtt=12401&rtt_var=5394&sent=29&recv=15&lost=0&retrans=0&sent_bytes=12242&recv_bytes=2961&delivery_rate=361307&cwnd=257&unsent_bytes=0&cid=fb0249d9740291d3&ts=1189&x=0"
date
Sun, 15 Dec 2024 19:42:05 GMT
content-type
text/javascript; charset=utf-8
last-modified
Sat, 02 Nov 2024 04:58:56 GMT
vary
Accept-Encoding
server
cloudflare
bundle.js
poop.thegalleryofart.org/assets/ultra/
766 KB
206 KB
Script
General
Full URL
https://poop.thegalleryofart.org/assets/ultra/bundle.js?v=10-02-2024
Requested by
Host: poop.thegalleryofart.org
URL: https://poop.thegalleryofart.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.204.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c3f60a9e2f7a754c784565c2b5dfa3c73d5b6ffb19eecf772d3d5a9249702d0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"d4llaq9lawpxgtev"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t8PcLZGd1rRS0rWuWTv4QA%2F431XSwJ%2BwKDJJGSnsrVw3qVo%2FWMLyFkhpd5VtSg%2Ff7mAobq2yNeU47VLPxOpKRWI%2BBRbr%2BDyqJTB3Q3IJk0rSp62jGbRkXVHVF8X6X%2BCMWoVv75Vx9DtQYPQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f28ea311bf7dc5a-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=15860&min_rtt=12401&rtt_var=4034&sent=47&recv=30&lost=0&retrans=0&sent_bytes=23056&recv_bytes=2961&delivery_rate=724358&cwnd=257&unsent_bytes=0&cid=fb0249d9740291d3&ts=1482&x=0"
date
Sun, 15 Dec 2024 19:42:05 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 02 Oct 2024 20:07:06 GMT
vary
Accept-Encoding
server
cloudflare
config.js
poop.thegalleryofart.org/assets/ultra/
333 B
624 B
Script
General
Full URL
https://poop.thegalleryofart.org/assets/ultra/config.js?v=10-02-2024
Requested by
Host: poop.thegalleryofart.org
URL: https://poop.thegalleryofart.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.204.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81c54446144e390dde5355d1a9288fcadc5efcddf5061361a9d8296d7c5a3fcb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"d4llaq9lawpx99"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nj3o2mQpbL7jNpzeYALlEwUYt4WiXtpugxAeht%2F9Smzm4hbR3f9ewHuSxizRb7I0GizI9rR3dKXOZXfr6fQ%2B7rtlSoXc%2BvPwYHe8GX%2FhrO53MQudoWnrlebbhtVm%2FGTJz5CUWiTY2dt1CSQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f28ea311bfcdc5a-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=18407&min_rtt=12401&rtt_var=5394&sent=20&recv=15&lost=0&retrans=0&sent_bytes=8298&recv_bytes=2961&delivery_rate=361307&cwnd=257&unsent_bytes=0&cid=fb0249d9740291d3&ts=1179&x=0"
date
Sun, 15 Dec 2024 19:42:05 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 02 Oct 2024 20:07:06 GMT
vary
Accept-Encoding
server
cloudflare
f.js
poop.thegalleryofart.org/assets/js/
11 KB
4 KB
Script
General
Full URL
https://poop.thegalleryofart.org/assets/js/f.js
Requested by
Host: poop.thegalleryofart.org
URL: https://poop.thegalleryofart.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.204.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee5edad327a5b8df6f02a91b351a62198488f4758867aaa2a5188210dfcb12cb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"d4lnp92aqn3n8bf"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dMYVqgAgg%2FLoM%2FyyeHqyNl%2Bx9p09mXhMwJ3xm4zhcB6%2BpGgqxT6jiu4bGxYU7yv2w658hCfi74IoJ25jM9GCSZiVck%2BTz5ZX7UZxG1sQBrC2PHa7R6BcJIJK0f4QkyRosjc8PTf6n6Yl%2BEs%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f28ea311bffdc5a-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=17177&min_rtt=12401&rtt_var=7376&sent=39&recv=26&lost=0&retrans=0&sent_bytes=18322&recv_bytes=2961&delivery_rate=671066&cwnd=257&unsent_bytes=0&cid=fb0249d9740291d3&ts=1374&x=0"
date
Sun, 15 Dec 2024 19:42:05 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 02 Oct 2024 22:00:07 GMT
vary
Accept-Encoding
server
cloudflare
m.js
poop.thegalleryofart.org/assets/js/
10 KB
3 KB
Script
General
Full URL
https://poop.thegalleryofart.org/assets/js/m.js?v=07
Requested by
Host: poop.thegalleryofart.org
URL: https://poop.thegalleryofart.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.204.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
5ea0d532fd5813749a2f173240815d1a2ebe088c0ff84aff44fde8478dcd55c2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"2860-192eb3d9ad9"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g14%2BYWZphWbTI9hyMpKRGnFmQQM1MG8NzdLqDMROeNpxjgj7Af50u6YDYYSAgb8lLY1jzkKPxjhh6b%2BGXoH6ehUMJ1ptUcvNLhg%2F08XPQlDOfZK6AXYh5EB%2BqdQyqzeipQ9FtL4xoV3Njog%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f28ea311c03dc5a-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=21173&min_rtt=12401&rtt_var=12095&sent=33&recv=21&lost=0&retrans=0&sent_bytes=14854&recv_bytes=2961&delivery_rate=671066&cwnd=257&unsent_bytes=0&cid=fb0249d9740291d3&ts=1356&x=0"
date
Sun, 15 Dec 2024 19:42:05 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Sat, 02 Nov 2024 04:58:56 GMT
x-powered-by
Express
server
cloudflare
vary
Accept-Encoding
js
www.googletagmanager.com/gtag/
323 KB
108 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WKJQ5QHQTJ
Requested by
Host: poop.thegalleryofart.org
URL: https://poop.thegalleryofart.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
0d4512e749dcd4071d1182d25763c58943a4f1060d067cae4e2663ff456f3eb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sun, 15 Dec 2024 19:42:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 15 Dec 2024 19:42:05 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109819
x-xss-protection
0
server
Google Tag Manager
css2
fonts.googleapis.com/
10 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@300;400;600;800&display=swap
Requested by
Host: poop.thegalleryofart.org
URL: https://poop.thegalleryofart.org/assets/css/global.css?v=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f10.1e100.net
Software
ESF /
Resource Hash
bd1da3cd11050fcd718ca73a6f3cfe22dd4643d5e96099f0940b32e0c5e24653
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 15 Dec 2024 19:42:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 15 Dec 2024 19:42:05 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 15 Dec 2024 19:42:05 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/
838 B
480 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins&display=swap
Requested by
Host: poop.thegalleryofart.org
URL: https://poop.thegalleryofart.org/assets/css/global.css?v=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f10.1e100.net
Software
ESF /
Resource Hash
da4ccbf54da2b50caba88fce3ca1074307252a0d13c726df4cb5ab631a4b2f70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 15 Dec 2024 19:42:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 15 Dec 2024 19:42:05 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 15 Dec 2024 18:15:27 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/
435 KB
145 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6840529569014734
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
7a9a49efb33627e1afa3f0e8d1107600adeee7a8a78e9f67ec7bf2543bab5693
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
4174761130244020438
age
4412
x-content-type-options
nosniff
expires
Sun, 29 Dec 2024 18:28:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 15 Dec 2024 18:28:34 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
147831
x-xss-protection
0
server
cafe
full-main.png
poop.thegalleryofart.org/assets/media/background/
11 KB
12 KB
Image
General
Full URL
https://poop.thegalleryofart.org/assets/media/background/full-main.png
Requested by
Host: poop.thegalleryofart.org
URL: https://poop.thegalleryofart.org/assets/css/global.css?v=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.204.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
848f069524c78bb30ea8209ec5154ba17b216594d1bb466f92fa6e1c066ddc80

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://poop.thegalleryofart.org/assets/css/global.css?v=6

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"d2n0nmc8ov9k8vp"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nU4CJS2Qxf6THEqLjp0XONTCFRA1JFchWGBjh8fBLG4wvSVU6XCtEVkiIb68yE54wCBXb0zCWyYlvSBY%2FCakyrIdhsEQdvtTialoD5hcyfk26EWwDBNtlFH8hAQtDZXj8idDv6d6J%2Fbu2ms%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f28ea37d87ddc5a-FRA
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=17630&min_rtt=12401&rtt_var=996&sent=227&recv=80&lost=0&retrans=0&sent_bytes=234659&recv_bytes=3139&delivery_rate=8152339&cwnd=336&unsent_bytes=0&cid=fb0249d9740291d3&ts=2430&x=0"
content-length
11509
date
Sun, 15 Dec 2024 19:42:06 GMT
content-type
image/png
last-modified
Thu, 11 Jul 2024 21:09:56 GMT
vary
Accept-Encoding
server
cloudflare
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v22/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v22/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://poop.thegalleryofart.org
Referer
https://fonts.googleapis.com/

Response headers

age
470772
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 08:55:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 08:55:56 GMT
last-modified
Wed, 04 Dec 2024 06:53:08 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7884
x-xss-protection
0
server
sffe
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;600;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://poop.thegalleryofart.org
Referer
https://fonts.googleapis.com/

Response headers

age
290850
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 12 Dec 2025 10:54:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 10:54:38 GMT
last-modified
Mon, 29 Jul 2024 22:51:01 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48444
x-xss-protection
0
server
sffe
pro.css
ka-f.fontawesome.com/releases/v6.1.1/css/
817 KB
116 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.1.1/css/pro.css
Requested by
Host: poop.thegalleryofart.org
URL: https://poop.thegalleryofart.org/assets/js/f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d30dbc80c7c135ac19c0156790fd4c96483d68ce687d544eb0d15761dc32cb5c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
3000
content-encoding
gzip
cf-cache-status
MISS
etag
W/"c32d02bc39bc74cf5f6ddf20e1dc699d"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3qapBQEjxdgp9jkZqvF%2BlDjQ%2BGK3n8bu%2BsnhsypnlGw9YDJQ9S0QjtWIr6VOekiq%2Byrv2QhjGeFRfw1YU0SX4KMr96tB%2Bn6tp328HmdR3kG6k34jcMDhcOCMMGEBVPk0ZwIDFBIcbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
mjZndBbwUJf1Vfd1KOOKGf8wCllwS1bKQ3oWxOulHIvpF0S5-BzZng==
date
Sun, 15 Dec 2024 19:42:08 GMT
content-type
text/css
last-modified
Tue, 22 Mar 2022 15:20:26 GMT
vary
Accept-Encoding
access-control-allow-headers
fa-kit-token
server-timing
cfL4;desc="?proto=TCP&rtt=23272&min_rtt=21674&rtt_var=5991&sent=29&recv=9&lost=0&retrans=0&sent_bytes=22660&recv_bytes=2508&delivery_rate=178278&cwnd=254&unsent_bytes=0&cid=8ceedf2a65f8a22a&ts=299&x=0"
cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
cf-ray
8f28ea48ce0a71af-FRA
access-control-allow-origin
*
x-amz-cf-pop
FRA56-C2
server
cloudflare
pro-v4-shims.css
ka-f.fontawesome.com/releases/v6.1.1/css/
40 KB
5 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.1.1/css/pro-v4-shims.css
Requested by
Host: poop.thegalleryofart.org
URL: https://poop.thegalleryofart.org/assets/js/f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8e399aa0c1450953c0619764448af81b78076ea5ad7ae48912e62b8f559760d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
3000
content-encoding
gzip
cf-cache-status
MISS
etag
W/"7c6b7986bca4b03e54110f552081eea8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TDpPmXtCquDAxwnfgbZ%2BCJ%2BxYMz%2FQJeDAfekfAPCRUW4gcVib4JNk5Pm3JnA%2FyVXPu2ePGPzD%2BwSTvAjpL8JSuZw64rQIX03NVuNvm3AUsTlt2iptW2PQVCcWzHqdNBM%2Ft%2BZApbrvw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
oTohoLFduGq6H_JOeM7uCSeeX-47d6ODzPK5-5ZZ_ifq-4MOLmFYVw==
date
Sun, 15 Dec 2024 19:42:08 GMT
content-type
text/css
last-modified
Tue, 22 Mar 2022 15:20:25 GMT
vary
Accept-Encoding
access-control-allow-headers
fa-kit-token
server-timing
cfL4;desc="?proto=TCP&rtt=23272&min_rtt=21674&rtt_var=5991&sent=11&recv=9&lost=0&retrans=0&sent_bytes=7221&recv_bytes=2508&delivery_rate=178278&cwnd=254&unsent_bytes=0&cid=8ceedf2a65f8a22a&ts=289&x=0"
cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
cf-ray
8f28ea48ce1071af-FRA
access-control-allow-origin
*
x-amz-cf-pop
FRA56-C2
server
cloudflare
pro-v5-font-face.css
ka-f.fontawesome.com/releases/v6.1.1/css/
67 KB
10 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.1.1/css/pro-v5-font-face.css
Requested by
Host: poop.thegalleryofart.org
URL: https://poop.thegalleryofart.org/assets/js/f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84cb10f8ef4f9e0cb700c08703d468ce64fd31b31e7e4ec197f31c8c795070c8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
3000
content-encoding
gzip
cf-cache-status
MISS
etag
W/"a6bfc9d540862efd93ae48bde4016667"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FCccmz8vuTXag9s00L1YM1n8GpPHvymlVKAAis14wBghhPAT3I9Ythz2xF%2F3ALn0ovq2P3uT6VmUzJO5jCCPtC%2B6wQTnvDpTnLqNTEfA3t5%2FEaGa0fOdW1NAbhQljN2IUzx2EOSNCw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
ShrzTNpvMEy2sxvFL_FqySgkjkeW7yEqrwRnpxqNfhWGV73NoVQusw==
date
Sun, 15 Dec 2024 19:42:08 GMT
content-type
text/css
last-modified
Tue, 22 Mar 2022 15:20:25 GMT
vary
Accept-Encoding
access-control-allow-headers
fa-kit-token
server-timing
cfL4;desc="?proto=TCP&rtt=23272&min_rtt=21674&rtt_var=5991&sent=18&recv=9&lost=0&retrans=0&sent_bytes=12275&recv_bytes=2508&delivery_rate=178278&cwnd=254&unsent_bytes=0&cid=8ceedf2a65f8a22a&ts=293&x=0"
cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
cf-ray
8f28ea48ce0f71af-FRA
access-control-allow-origin
*
x-amz-cf-pop
FRA56-C2
server
cloudflare
pro-v4-font-face.css
ka-f.fontawesome.com/releases/v6.1.1/css/
12 KB
3 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.1.1/css/pro-v4-font-face.css
Requested by
Host: poop.thegalleryofart.org
URL: https://poop.thegalleryofart.org/assets/js/f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7717c61d13ecaf0152946372a5680d8801ea915546d68c78d7465ce4b4afc9e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
3000
content-encoding
gzip
cf-cache-status
MISS
etag
W/"c5d60cc0a0043104d82d899a7c370d90"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l%2BbvyQJS7xSvzQhNrjOz2vuPfExmR4Iqba%2B7cq2IaFoGSANqLXJsRqMVhILuHvLnb8JMIL4c%2FlvnqIiDKCmrfnJEmJ8tTLY4HEJLpYRv4R1kEauNvaRz%2BPcZKyhpHq%2BUflUq5orEMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
4ogStnIvWWJ03QkNDPCK0LgjAw-s7FyN9ceIpXvhnLUhQwvebHjjOQ==
date
Sun, 15 Dec 2024 19:42:08 GMT
content-type
text/css
last-modified
Tue, 22 Mar 2022 15:20:25 GMT
vary
Accept-Encoding
access-control-allow-headers
fa-kit-token
server-timing
cfL4;desc="?proto=TCP&rtt=23272&min_rtt=21674&rtt_var=5991&sent=7&recv=9&lost=0&retrans=0&sent_bytes=3989&recv_bytes=2508&delivery_rate=178278&cwnd=254&unsent_bytes=0&cid=8ceedf2a65f8a22a&ts=288&x=0"
cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
cf-ray
8f28ea48ce0e71af-FRA
access-control-allow-origin
*
x-amz-cf-pop
FRA56-C2
server
cloudflare
main.png
poop.thegalleryofart.org/assets/media/favicon/
1 KB
2 KB
Image
General
Full URL
https://poop.thegalleryofart.org/assets/media/favicon/main.png
Requested by
Host: poop.thegalleryofart.org
URL: https://poop.thegalleryofart.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.204.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
615d946c0012af2eb66ab7274d6fc46ff020cb61eb60b78be1750f2cce7b3afa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"d430sd0s2xm5151"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lfJNGg1CVyXBe%2FcvuHNsHGu3X%2FGGDTKA3NxIye7vzoguJHYKsBcAQgWt%2BUxFmQDBB1NI1gSCbjxAxpHQXLsYpKvwvhtPgsspmPeR4WhLYIUpPrXe3ADQI0TAv%2FlJ5MczzxS0rOlamy%2BGt0Q%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f28ea3fda28dc5a-FRA
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=19014&min_rtt=12401&rtt_var=2116&sent=239&recv=85&lost=0&retrans=0&sent_bytes=246854&recv_bytes=3209&delivery_rate=8152339&cwnd=346&unsent_bytes=0&cid=fb0249d9740291d3&ts=3538&x=0"
content-length
1477
date
Sun, 15 Dec 2024 19:42:07 GMT
content-type
image/png
last-modified
Wed, 11 Sep 2024 00:14:46 GMT
vary
Accept-Encoding
server
cloudflare
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/ Frame DAA1
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
4539
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4128
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 15 Dec 2024 18:26:29 GMT
etag
17661348622971093804
expires
Sun, 29 Dec 2024 18:26:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
112 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=fixed-nav-bar&ign=false&pw=1600&ph=1200&x=800&y=69.6
Requested by
Host: poop.thegalleryofart.org
URL: https://poop.thegalleryofart.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sun, 15 Dec 2024 19:42:07 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ads
googleads.g.doubleclick.net/pagead/ Frame BEBE
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6840529569014734&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1730523536&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_l%7C500x675_r&format=0x0&url=https%3A%2F%2Fpoop.thegalleryofart.org%2F&pra=5&wgl=1&aihb=0&aiof=3&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1734291725594&bpp=2&bdt=647&idt=1726&shv=r20241212&mjsv=m202412090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=1850446271756&frm=20&pv=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95348683%2C31089340%2C95332590%2C95345967&oid=2&pvsid=2761262113529123&tmod=131718971&uas=0&nvt=1&fsapi=1&fc=1920&brdim=60%2C60%2C60%2C60%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=1743
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 15 Dec 2024 19:42:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
5e6b2776400180cc548a7dfd8ab3f717.js
flatjeep.com/5e/6b/27/
32 KB
14 KB
Script
General
Full URL
https://flatjeep.com/5e/6b/27/5e6b2776400180cc548a7dfd8ab3f717.js
Requested by
Host: poop.thegalleryofart.org
URL: https://poop.thegalleryofart.org/assets/js/m.js?v=07
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
5e6cb16094218ccda8c70da0986e568dacc4f0a621f15b4ad497a34cae3dbe93
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=0; includeSubdomains
X-Request-ID
84090428cca7445ce77913ad298080d1
Cache-Control
no-cache, max-age=0, private, no-cache
Content-Encoding
gzip
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Access-Control-Allow-Origin
*
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Sun, 15 Dec 2024 19:42:08 GMT
Content-Type
application/javascript
Host
flatjeep.com
Server
nginx/1.21.6
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-WKJQ5QHQTJ&gtm=45je4cc1v895598987za200&_p=1734291727317&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1495716380.1734291727&ul=it-it&are=1&frm=0&pscdl=noapi&_geo=1&_rdi=1&_s=1&sid=1734291727&sct=1&seg=0&dl=https%3A%2F%2Fpoop.thegalleryofart.org%2F&dt=Home&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3469
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WKJQ5QHQTJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://poop.thegalleryofart.org
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 15 Dec 2024 19:42:08 GMT
content-type
text/plain
server
Golfe2
pro-fa-solid-900-a9bef0.woff2
ka-f.fontawesome.com/releases/v6.1.1/webfonts/
24 KB
25 KB
Font
General
Full URL
https://ka-f.fontawesome.com/releases/v6.1.1/webfonts/pro-fa-solid-900-a9bef0.woff2
Requested by
Host: poop.thegalleryofart.org
URL: https://poop.thegalleryofart.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb5d84e639ef4801e84b33cafc158afebdd56ea61d4833b1ce4631151c07097c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://poop.thegalleryofart.org
Referer
https://poop.thegalleryofart.org/

Response headers

access-control-max-age
3000
cf-cache-status
MISS
etag
"11edd2541e75e3f26006f9d14e05d75d"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1uvrTAtD44iJi%2FsrBzLE%2BAuIYGcE7Hicm3wB%2Boa9LUbrsBHm9h8jz6fQNc2nlp%2B8RxaiGqBZCFtc6lSSDxft5HCtQSfvxCcB0SHD1STyVxRGnkkwmSqqbyWmLL7PicLDEkyN%2BsPIcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
TOev8Nyw8Qfy1paO4Qy5au9knppUMAkCUgjxlur9QLCchqJ3uA3_UA==
date
Sun, 15 Dec 2024 19:42:08 GMT
content-type
font/woff2
last-modified
Tue, 22 Mar 2022 15:29:03 GMT
vary
Accept-Encoding
access-control-allow-headers
fa-kit-token
server-timing
cfL4;desc="?proto=TCP&rtt=23821&min_rtt=21674&rtt_var=738&sent=129&recv=35&lost=0&retrans=0&sent_bytes=142631&recv_bytes=2754&delivery_rate=2457913&cwnd=257&unsent_bytes=0&cid=8ceedf2a65f8a22a&ts=484&x=0"
cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
cf-ray
8f28ea4a0f6d71af-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
25024
x-amz-cf-pop
FRA56-C2
server
cloudflare
pro-fa-solid-900-d5bbe9.woff2
ka-f.fontawesome.com/releases/v6.1.1/webfonts/
25 KB
25 KB
Font
General
Full URL
https://ka-f.fontawesome.com/releases/v6.1.1/webfonts/pro-fa-solid-900-d5bbe9.woff2
Requested by
Host: poop.thegalleryofart.org
URL: https://poop.thegalleryofart.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d915cf722fb8c04fdde1e23784350d1d8662cde6bb4d578b9bdaa1dd895b1bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://poop.thegalleryofart.org
Referer
https://poop.thegalleryofart.org/

Response headers

access-control-max-age
3000
cf-cache-status
MISS
etag
"c28e87bc0d4b1a1734b57c297e30e102"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eHOjxS5354ieuLUaJEnZVg8A3Xa0Bb7skkCVmrEoFpSrjk3%2B4HytN3%2Bf%2F4CE0tVJo%2BEeLd6cnoXVmcg1xlrgufQNv%2FqYCSJQgAfKrQbMxNFKbc3fSoxCCRUaSTG%2BJhMRP6rQOip6wQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
YeGzTiZU3DfzsCepM_X7U9qa0054W_LnzPL6oRjeQtoYAs_DPcg49w==
date
Sun, 15 Dec 2024 19:42:09 GMT
content-type
font/woff2
last-modified
Tue, 22 Mar 2022 15:29:03 GMT
vary
Accept-Encoding
access-control-allow-headers
fa-kit-token
server-timing
cfL4;desc="?proto=TCP&rtt=23821&min_rtt=21674&rtt_var=738&sent=151&recv=35&lost=0&retrans=0&sent_bytes=168729&recv_bytes=2754&delivery_rate=2457913&cwnd=257&unsent_bytes=0&cid=8ceedf2a65f8a22a&ts=504&x=0"
cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
cf-ray
8f28ea4a0f7071af-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
25296
x-amz-cf-pop
FRA56-C2
server
cloudflare
sfp.js
recordedthereby.com/
83 KB
84 KB
Script
General
Full URL
https://recordedthereby.com/sfp.js
Requested by
Host: flatjeep.com
URL: https://flatjeep.com/5e/6b/27/5e6b2776400180cc548a7dfd8ab3f717.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.196.197.71 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Strict-Transport-Security
max-age=0; includeSubdomains
X-Request-ID
a9ca0349c58496e440178b1a7c177391
Cache-Control
no-cache, max-age=0, private, no-cache
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Access-Control-Allow-Origin
*
Content-Length
85378
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Sun, 15 Dec 2024 19:42:09 GMT
Content-Type
application/javascript; charset=utf-8
Host
recordedthereby.com
Server
nginx/1.21.6
stats
proftrafficcounter.com/
40 B
306 B
XHR
General
Full URL
https://proftrafficcounter.com/stats
Requested by
Host: flatjeep.com
URL: https://flatjeep.com/5e/6b/27/5e6b2776400180cc548a7dfd8ab3f717.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.237.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-237-16.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
e78b6ed3891264c9a4444fbed7618e9a303a45de2484855e2e7b2c52640c117d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-origin
https://poop.thegalleryofart.org
content-length
40
date
Sun, 15 Dec 2024 19:42:09 GMT
content-type
text/html; charset=UTF-8
vary
Origin
server
fasthttp
access-control-allow-credentials
true
sodar
ep1.adtrafficquality.google/getconfig/
17 KB
13 KB
XHR
General
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241212&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
5410a7769b9456b10f61bb444b136c427faac8b68779714687058e1cca316273
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
13075
date
Sun, 15 Dec 2024 19:42:09 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
favicon.png
poop.thegalleryofart.org/
271 B
724 B
Other
General
Full URL
https://poop.thegalleryofart.org/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.204.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4abda1d813d63186f17433cf177be5c8da2fecadfe404b748129f115dd7a685d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"d430sd1rsxws7j"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=83Vb0xZXcKrxxYsb15VUJqZA%2FBfiIlvuHszYh1h1MKuXd%2FTsG6NpWlC9kQKtAonRkwgSRA4NYqtVguqKQs7M5SiaBm4rV%2B11qNxFcnLrMNqrmX0FJlIIe2%2B77MPCA8axZc9swVddlNmcITk%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f28ea4c987edc5a-FRA
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=17034&min_rtt=12401&rtt_var=2402&sent=248&recv=90&lost=0&retrans=0&sent_bytes=249833&recv_bytes=3602&delivery_rate=8152339&cwnd=346&unsent_bytes=0&cid=fb0249d9740291d3&ts=5588&x=0"
content-length
271
date
Sun, 15 Dec 2024 19:42:09 GMT
content-type
image/png
last-modified
Wed, 11 Sep 2024 00:14:46 GMT
vary
Accept-Encoding
server
cloudflare
pxf.gif
unseenreport.com/
1 B
512 B
Image
General
Full URL
https://unseenreport.com/pxf.gif?uuid=f7879032-12ed-48e7-a9a4-1f77bee62dff&eb=6d09b13cddb253e32fddab407f363d46&te=f976e33ffa496ab48ef39dd362d7a869&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36&dev=r&res=14.4127&b_frame=0&pk=5e6b2776400180cc548a7dfd8ab3f717&bl=it-IT&sr=1200x1600&sz=1200x1600&hjs=20
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Strict-Transport-Security
max-age=0; includeSubdomains
X-Request-ID
b46ee8b22e8a8709684e918bad88fcd6
Cache-Control
no-cache, max-age=0, private, no-cache
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Access-Control-Allow-Origin
*
Content-Length
1
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Sun, 15 Dec 2024 19:42:09 GMT
Content-Type
image/gif
Host
unseenreport.com
Server
nginx/1.19.5
sbar.json
haychalk.com/
13 KB
9 KB
XHR
General
Full URL
https://haychalk.com/sbar.json?key=5e6b2776400180cc548a7dfd8ab3f717&uuid=f7879032-12ed-48e7-a9a4-1f77bee62dff%3A1%3A1
Requested by
Host: flatjeep.com
URL: https://flatjeep.com/5e/6b/27/5e6b2776400180cc548a7dfd8ab3f717.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
2fed733e9d9377284f4b6783ebcf7f5b497fa643f90905e5312eaa77c8871077
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

X-Request-ID
772189b3a2f5c502e56efc587480e408
Content-Encoding
gzip
Expires
Thu, 01 Jan 1970 00:00:01 GMT
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Sun, 15 Dec 2024 19:42:10 GMT
Content-Type
text/plain; charset=utf-8
Host
haychalk.com
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=0; includeSubdomains
Cache-Control
no-cache, max-age=0, private, no-cache
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Pragma
no-cache
Connection
keep-alive
Access-Control-Allow-Credentials
true
Custom-Referer
https://poop.thegalleryofart.org
Access-Control-Allow-Origin
https://poop.thegalleryofart.org
Server
nginx/1.21.6
sodar2.js
ep2.adtrafficquality.google/sodar/
18 KB
7 KB
Script
General
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.193 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Sun, 15 Dec 2024 19:42:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 15 Dec 2024 19:42:10 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
index.html
cdn.show-creative1.com/sb/interstitial/addon/multi/default/1/
4 KB
2 KB
XHR
General
Full URL
https://cdn.show-creative1.com/sb/interstitial/addon/multi/default/1/index.html
Requested by
Host: flatjeep.com
URL: https://flatjeep.com/5e/6b/27/5e6b2776400180cc548a7dfd8ab3f717.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.208.42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ace460523412a64373c591d92b1717316897b8bf3694be9e550ade56e2ef1e1e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=315360000, public
access-control-expose-headers
Date
content-encoding
zstd
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XA3lmUtwsCJK6dGQjPPlQPC%2B1EQA5eCc7OAdPQW9LI0%2FHJkjX%2F1pFPmj7t7z92%2Br%2BIJmbHHsPostGyPuW%2FR66pLsEEPCdrOKFelR1ccXq03yEv66W5SUYEbpwB7JhBWtPOuvQV2xBWCC"}],"group":"cf-nel","max_age":604800}
cf-ray
8f28ea548e5fd2a4-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=12983&min_rtt=12689&rtt_var=2940&sent=7&recv=9&lost=0&retrans=0&sent_bytes=3909&recv_bytes=2224&delivery_rate=289243&cwnd=253&unsent_bytes=0&cid=c0affe6b7e9f337b&ts=205&x=0"
date
Sun, 15 Dec 2024 19:42:10 GMT
content-type
text/html
last-modified
Wed, 07 Feb 2024 13:41:17 GMT
server
cloudflare
ren.gif
haychalk.com/
7 B
753 B
Image
General
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Strict-Transport-Security
max-age=0; includeSubdomains
X-Request-ID
5cf3f9881c9f50918bf24338d26bebd3
Cache-Control
no-cache, max-age=0, private, no-cache
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Content-Length
7
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Sun, 15 Dec 2024 19:42:10 GMT
Content-Type
image/gif
Host
haychalk.com
Server
nginx/1.21.6
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 1148
0
0
Document
General
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.193 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
552
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 15 Dec 2024 19:32:58 GMT
expires
Sun, 15 Dec 2024 20:22:58 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 25F3
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2LAFbse1gwdYmn1Z_4rWmA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-2LAFbse1gwdYmn1Z_4rWmA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Sun, 15 Dec 2024 19:42:10 GMT
expires
Sun, 15 Dec 2024 19:42:10 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
animate.css
cdn.creative-stat1.com/sb/interstitial/addon/multi/default/1/css/
77 KB
5 KB
XHR
General
Full URL
https://cdn.creative-stat1.com/sb/interstitial/addon/multi/default/1/css/animate.css
Requested by
Host: flatjeep.com
URL: https://flatjeep.com/5e/6b/27/5e6b2776400180cc548a7dfd8ab3f717.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e23a6449e6ef4614f0107cecf5c9eda75d2041c7c71f4a55d45f2a7e75450f4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers
Date
content-encoding
gzip
cf-cache-status
MISS
etag
W/"65c38880-13365"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ivHZeaEIQivhd9zXdUX7ITwG%2B9kJGNdmSmfGRoDx0k%2BSrO8WKe2u6LoPOrmVhG1Bk31k6Cr0FTLdfAEAh%2BBjreb0%2F1CGcU0FQ%2FzQkropDMN%2F2ShmWTca7chPgOC7Ruuw6g1RIKjev2Xh"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=19843&min_rtt=14833&rtt_var=8258&sent=11&recv=9&lost=0&retrans=0&sent_bytes=5590&recv_bytes=2396&delivery_rate=145487&cwnd=253&unsent_bytes=0&cid=8eef1912d2b86d2c&ts=499&x=0"
date
Sun, 15 Dec 2024 19:42:11 GMT
content-type
text/css
last-modified
Wed, 07 Feb 2024 13:41:20 GMT
vary
Accept-Encoding
cache-control
public, max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f28ea5a1e7d3a9c-FRA
access-control-allow-origin
*
server
cloudflare
main.css
cdn.creative-stat1.com/sb/interstitial/addon/multi/default/1/css/
3 KB
2 KB
XHR
General
Full URL
https://cdn.creative-stat1.com/sb/interstitial/addon/multi/default/1/css/main.css
Requested by
Host: flatjeep.com
URL: https://flatjeep.com/5e/6b/27/5e6b2776400180cc548a7dfd8ab3f717.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5de4b9518a4be2a36c2d13b8fe34576451be61262610914f45ad94817a440728

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers
Date
content-encoding
gzip
cf-cache-status
MISS
etag
W/"65c3887f-baf"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B8bEJjMwKDCK6OCnJLZzX05dWgkemxfSFjylp0WJpf59R7q4TBJswVKJC22moi2Caig5iqBcAIus0Tb38pdGzcXtDCYXOXpIsqdVA81AI0m2SUWO%2FQwfBnbnNm7yYairIHK5td2RJ0nU"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=19843&min_rtt=14833&rtt_var=8258&sent=8&recv=9&lost=0&retrans=0&sent_bytes=3905&recv_bytes=2396&delivery_rate=145487&cwnd=253&unsent_bytes=0&cid=8eef1912d2b86d2c&ts=497&x=0"
date
Sun, 15 Dec 2024 19:42:11 GMT
content-type
text/css
last-modified
Wed, 07 Feb 2024 13:41:19 GMT
vary
Accept-Encoding
cache-control
public, max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f28ea5a1e7f3a9c-FRA
access-control-allow-origin
*
server
cloudflare
script.js
cdn.creative-stat1.com/sb/interstitial/addon/multi/default/1/js/
23 KB
10 KB
XHR
General
Full URL
https://cdn.creative-stat1.com/sb/interstitial/addon/multi/default/1/js/script.js
Requested by
Host: flatjeep.com
URL: https://flatjeep.com/5e/6b/27/5e6b2776400180cc548a7dfd8ab3f717.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ef39b39aa65f4aad994c2d1e398f6accb11c1bd55227c6fcb67dfa7eabc0c12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers
Date
content-encoding
zstd
cf-cache-status
MISS
etag
W/"65c38884-5a9b"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UQPcQnvbJdY12di5Dlh3Y%2FnJcRkv89qDNVDkmgI6cO7JGVGKrf99gs8OUIOyzwie0ZEV0YOBgfrNtMrhKfOCjk6d2z%2BSvPqOw3dBI6oqp9FEGGUZx2E3qUYneUQz5HVYeUuHk1gi7Rtg"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=20118&min_rtt=14833&rtt_var=3946&sent=18&recv=12&lost=0&retrans=0&sent_bytes=11051&recv_bytes=2396&delivery_rate=527916&cwnd=255&unsent_bytes=0&cid=8eef1912d2b86d2c&ts=559&x=0"
date
Sun, 15 Dec 2024 19:42:11 GMT
content-type
application/javascript
last-modified
Wed, 07 Feb 2024 13:41:24 GMT
vary
Accept-Encoding
cache-control
public, max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f28ea5a1e7e3a9c-FRA
access-control-allow-origin
*
server
cloudflare
sbls
haychalk.com/pixel/
0
489 B
Image
General
Full URL
https://haychalk.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.show-creative1.com%2Fsb%2Finterstitial%2Faddon%2Fmulti%2Fdefault%2F1%2Findex.html&l=4322&fd=623.5999999046326
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Cache-Control
no-cache
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Access-Control-Allow-Methods
GET, POST, OPTIONS
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Access-Control-Allow-Origin
*
Content-Length
0
Date
Sun, 15 Dec 2024 19:42:10 GMT
Host
haychalk.com
Server
nginx/1.21.6
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
css2
fonts.googleapis.com/ Frame 0923
15 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Merriweather:wght@400;700&family=Roboto:wght@300;400;500;700;900&display=swap
Requested by
Host: flatjeep.com
URL: https://flatjeep.com/5e/6b/27/5e6b2776400180cc548a7dfd8ab3f717.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f10.1e100.net
Software
ESF /
Resource Hash
cd087671daf5f1711092d417f9ad4bc8755c7cd7232d2640a43b8e47f2fef5da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 15 Dec 2024 19:42:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 15 Dec 2024 19:42:10 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 15 Dec 2024 19:39:30 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
close.svg
cdn.creative-stat1.com/sb/interstitial/addon/multi/default/1/img/ Frame 0923
1 KB
1 KB
Image
General
Full URL
https://cdn.creative-stat1.com/sb/interstitial/addon/multi/default/1/img/close.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d19d57fd7cf39e7a8214a9b2a7b1849e709856c1c164210f7768fbdd318db37

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers
Date
content-encoding
zstd
cf-cache-status
HIT
etag
W/"65c38882-4fc"
age
894796
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZF96ZZ7rj5q4AM3xnUQlh4iX2H6k3JrPVBd7I%2F8PIpB35KshsmhTECT6YPj%2FrPP2cK1Zl1WlTCm7tSJ8jJTu%2BcawQNUtH3%2FOUGpgvI8qAWR5N50NwmQvwgFIlIX0xxdb81zhi5GckbfJ"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=19059&min_rtt=18213&rtt_var=5113&sent=15&recv=9&lost=0&retrans=0&sent_bytes=10257&recv_bytes=2386&delivery_rate=185288&cwnd=253&unsent_bytes=0&cid=688e14badc80dc35&ts=125&x=0"
date
Sun, 15 Dec 2024 19:42:11 GMT
content-type
image/svg+xml
last-modified
Wed, 07 Feb 2024 13:41:22 GMT
vary
Accept-Encoding
cache-control
public, max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f28ea5ac82f37fd-FRA
access-control-allow-origin
*
server
cloudflare
icon-before.svg
cdn.creative-stat1.com/sb/interstitial/addon/multi/default/1/img/ Frame 0923
8 KB
3 KB
Image
General
Full URL
https://cdn.creative-stat1.com/sb/interstitial/addon/multi/default/1/img/icon-before.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d77102e66068cf1ee07cdbd7158669db57408fe38645cd5401b48d3910456264

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers
Date
content-encoding
zstd
cf-cache-status
HIT
etag
W/"65c38882-1f07"
age
894796
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SzJ%2FAIY4fIwmj3i7EKg090EEncSu6iclWDHEa46RdcRIwwWo5UBOMnNbY21i14hBbn98f3eD6lRcQbwXMfrJS%2BHsKIp84ctCnZTAGY5tZmoHQxXlBVW59H2QPQ8cMLslv9rzfnyWm%2FMW"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=18818&min_rtt=18213&rtt_var=6176&sent=6&recv=8&lost=0&retrans=0&sent_bytes=3906&recv_bytes=2386&delivery_rate=185288&cwnd=252&unsent_bytes=0&cid=688e14badc80dc35&ts=113&x=0"
date
Sun, 15 Dec 2024 19:42:11 GMT
content-type
image/svg+xml
last-modified
Wed, 07 Feb 2024 13:41:22 GMT
vary
Accept-Encoding
cache-control
public, max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f28ea5ac83337fd-FRA
access-control-allow-origin
*
server
cloudflare
icon-after.svg
cdn.creative-stat1.com/sb/interstitial/addon/multi/default/1/img/ Frame 0923
7 KB
3 KB
Image
General
Full URL
https://cdn.creative-stat1.com/sb/interstitial/addon/multi/default/1/img/icon-after.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64c41949abe3583b1c2ca04470c52a298b8d017136b953036d39195ef9a181d3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers
Date
content-encoding
zstd
cf-cache-status
HIT
etag
W/"65c38882-1c01"
age
894796
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6UN6O3lTDh0y6tmOzFxfG17bav0YgULe9eug2aWZEGe9ed3aFeEhIEArY8E2N7lvXNR3P1BmlZq7Kn4ooncdQ58p%2Bx8vFEKfWOp6tHXqja%2FTy5uOU2Tx9nV%2BaHjhmeLjZXmHLvzduQDg"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=18818&min_rtt=18213&rtt_var=6176&sent=11&recv=8&lost=0&retrans=0&sent_bytes=7396&recv_bytes=2386&delivery_rate=185288&cwnd=252&unsent_bytes=0&cid=688e14badc80dc35&ts=114&x=0"
date
Sun, 15 Dec 2024 19:42:11 GMT
content-type
image/svg+xml
last-modified
Wed, 07 Feb 2024 13:41:22 GMT
vary
Accept-Encoding
cache-control
public, max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f28ea5ac83437fd-FRA
access-control-allow-origin
*
server
cloudflare
sbls
haychalk.com/pixel/
0
489 B
Image
General
Full URL
https://haychalk.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Finterstitial%2Faddon%2Fmulti%2Fdefault%2F1%2Fcss%2Fmain.css&l=2991&fd=1144.2999999523163
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Cache-Control
no-cache
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Access-Control-Allow-Methods
GET, POST, OPTIONS
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Access-Control-Allow-Origin
*
Content-Length
0
Date
Sun, 15 Dec 2024 19:42:11 GMT
Host
haychalk.com
Server
nginx/1.21.6
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
sbls
haychalk.com/pixel/
0
489 B
Image
General
Full URL
https://haychalk.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Finterstitial%2Faddon%2Fmulti%2Fdefault%2F1%2Fcss%2Fanimate.css&l=78693&fd=1185.9000000953674
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Cache-Control
no-cache
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Access-Control-Allow-Methods
GET, POST, OPTIONS
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Access-Control-Allow-Origin
*
Content-Length
0
Date
Sun, 15 Dec 2024 19:42:12 GMT
Host
haychalk.com
Server
nginx/1.21.6
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
sbls
haychalk.com/pixel/
0
489 B
Image
General
Full URL
https://haychalk.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Finterstitial%2Faddon%2Fmulti%2Fdefault%2F1%2Fjs%2Fscript.js&l=16990&fd=1233.8999998569489
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Cache-Control
no-cache
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Access-Control-Allow-Methods
GET, POST, OPTIONS
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Access-Control-Allow-Origin
*
Content-Length
0
Date
Sun, 15 Dec 2024 19:42:12 GMT
Host
haychalk.com
Server
nginx/1.21.6
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
sodar
ep1.adtrafficquality.google/pagead/
0
0

impr.gif
haychalk.com/
7 B
753 B
Image
General
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Strict-Transport-Security
max-age=0; includeSubdomains
X-Request-ID
b052a9ebac88987c1a67226e95eb9cf0
Cache-Control
no-cache, max-age=0, private, no-cache
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Content-Length
7
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Sun, 15 Dec 2024 19:42:12 GMT
Content-Type
image/gif
Host
haychalk.com
Server
nginx/1.21.6
sbs
haychalk.com/pixel/
0
489 B
Image
General
Full URL
https://haychalk.com/pixel/sbs?c=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Cache-Control
no-cache
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Access-Control-Allow-Methods
GET, POST, OPTIONS
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Access-Control-Allow-Origin
*
Content-Length
0
Date
Sun, 15 Dec 2024 19:42:12 GMT
Host
haychalk.com
Server
nginx/1.21.6
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ Frame 0923
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:wght@400;700&family=Roboto:wght@300;400;500;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://poop.thegalleryofart.org
Referer
https://fonts.googleapis.com/

Response headers

age
359496
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 11 Dec 2025 15:50:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 15:50:36 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18588
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ Frame 0923
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:wght@400;700&family=Roboto:wght@300;400;500;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://poop.thegalleryofart.org
Referer
https://fonts.googleapis.com/

Response headers

age
115324
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 14 Dec 2025 11:40:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 11:40:08 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ Frame 0923
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:wght@400;700&family=Roboto:wght@300;400;500;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://poop.thegalleryofart.org
Referer
https://fonts.googleapis.com/

Response headers

age
496767
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 01:42:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 01:42:45 GMT
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18596
x-xss-protection
0
server
sffe
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-WKJQ5QHQTJ&gtm=45je4cc1v895598987za200&_p=1734291727317&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1495716380.1734291727&ul=it-it&are=1&frm=0&pscdl=noapi&_eu=AEA&_geo=1&_rdi=1&_s=2&sid=1734291727&sct=1&seg=0&dl=https%3A%2F%2Fpoop.thegalleryofart.org%2F&dt=Home&en=scroll&epn.percent_scrolled=90&_et=3&tfd=8474
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WKJQ5QHQTJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://poop.thegalleryofart.org
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 15 Dec 2024 19:42:12 GMT
content-type
text/plain
server
Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ep1.adtrafficquality.google

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| hexToRgb function| clamp function| isInArray function| pJS function| requestAnimFrame function| cancelRequestAnimFrame object| pJSDom function| particlesJS function| processUrl function| go function| blank function| dy function| isUrl function| US function| getRandomUrl function| randRange function| UVClient function| Ultraviolet object| __uv$config object| FontAwesomeKitConfig function| gtag object| dataLayer function| google_sa_impl object| googPageScrollPreventerInfo boolean| googFloatingToolbarManagerAsyncPositionUpdate object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal function| a0J function| a0u object| sbslms function| _0x43e5 function| _0x4625 object| LieDetector object| GoogleGcLKhOms

14 Cookies

Domain/Path Name / Value
.thegalleryofart.org/ Name: _ga
Value: GA1.1.1495716380.1734291727
.thegalleryofart.org/ Name: _ga_WKJQ5QHQTJ
Value: GS1.1.1734291727.1.0.1734291727.0.0.0
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
proftrafficcounter.com/ Name: uid_id2
Value: f7879032-12ed-48e7-a9a4-1f77bee62dff:1:1
poop.thegalleryofart.org/ Name: dom3ic8zudi28v8lr6fgphwffqoz0j6c
Value: f7879032-12ed-48e7-a9a4-1f77bee62dff%3A1%3A1
poop.thegalleryofart.org/ Name: sb_main_5e6b2776400180cc548a7dfd8ab3f717
Value: 1
poop.thegalleryofart.org/ Name: sb_count_5e6b2776400180cc548a7dfd8ab3f717
Value: 1
haychalk.com/ Name: u_pl23371864
Value: 1
haychalk.com/ Name: uid_id2
Value: f7879032-12ed-48e7-a9a4-1f77bee62dff:1:1
haychalk.com/ Name: pdhtkv
Value: true
haychalk.com/ Name: uncs
Value: 1
haychalk.com/ Name: pdhtkv29
Value: true
haychalk.com/ Name: uncs29
Value: 1
poop.thegalleryofart.org/ Name: pbpr0tpuw4isk85t8yg3jb2lj5vqf
Value: haychalk.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
