cloud-shovelbill.com Open in urlscan Pro
172.67.217.242 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://jftxhjttxh.lat/?shiny
Effective URL:
https://cloud-shovelbill.com/?isd=1&sid6=Kaminari&sid9=1&type=back&utm_campaign=27859&utm_medium=7738&utm_source=
Submission Tags: shiny c290acadafe6362a fc6b18fd85158e2b bfst honeypoter@gmail.com Search All
Submission: On October 18 via api (October 18th 2024, 10:35:44 pm UTC) from JP — Scanned from JP

Summary HTTP 67 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 7 countries across 16 domains to perform 67 HTTP transactions. The main IP is 172.67.217.242, located in United States and belongs to CLOUDFLARENET, US. The main domain is cloud-shovelbill.com.
TLS certificate: Issued by WE1 on October 3rd 2024. Valid for: 3 months.

This is the only time cloud-shovelbill.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 16	2.58.67.161 2.58.67.161	44051 (FORNEX-AS) (FORNEX-AS)
15	2a02:6b8::1d9 2a02:6b8::1d9	13238 (YANDEX) (YANDEX)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.217.25.163 172.217.25.163	15169 (GOOGLE) (GOOGLE)
2	116.202.32.33 116.202.32.33	24940 (HETZNER-AS) (HETZNER-AS)
3	31.220.27.154 31.220.27.154	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	2404:6800:400... 2404:6800:400a:80e::2008	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:400a:804::200a	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:400a:80a::200e	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4008:c01::9b	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:400a:804::2002	15169 (GOOGLE) (GOOGLE)
1	172.217.31.131 172.217.31.131	15169 (GOOGLE) (GOOGLE)
1 1	85.192.12.187 85.192.12.187	12695 (DINET-AS) (DINET-AS)
13	172.67.217.242 172.67.217.242	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:6800:400... 2404:6800:400a:80e::200a	15169 (GOOGLE) (GOOGLE)
6	142.250.76.131 142.250.76.131	15169 (GOOGLE) (GOOGLE)
1	116.202.32.31 116.202.32.31	24940 (HETZNER-AS) (HETZNER-AS)
1	85.192.12.172 85.192.12.172	12695 (DINET-AS) (DINET-AS)
67	18

16 2.58.67.161 (Frankfurt am Main, Germany) 3 redirects

ASN44051 (FORNEX-AS, ES)
PTR: dsde1342.fornex.org

jftxhjttxh.lat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yrsggseg.store	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a02:6b8::1d9 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

storage.yandexcloud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.25.163 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s13-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 116.202.32.33 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.33.32.202.116.clients.your-server.de

gsimvqfghc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ffrtrinvzk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.220.27.154 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

afrdtech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:400a:80e::2008 (Osaka, Japan)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:400a:804::200a (Osaka, Japan)

ASN15169 (GOOGLE, US)

firebaseinstallations.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:400a:80a::200e (Osaka, Japan)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4008:c01::9b (Taipei, Taiwan)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:400a:804::2002 (Osaka, Japan)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.31.131 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s08-in-f3.1e100.net

www.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.192.12.187 (Russian Federation) 1 redirects

ASN12695 (DINET-AS, RU)

fountain-anthropos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 172.67.217.242 (United States)

ASN13335 (CLOUDFLARENET, US)

cloud-shovelbill.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:400a:80e::200a (Osaka, Japan)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.76.131 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: kix07s06-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.202.32.31 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.31.32.202.116.clients.your-server.de

gsimvqfghc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.192.12.172 (Russian Federation)

ASN12695 (DINET-AS, RU)

fountain-yttrialite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	yandexcloud.net storage.yandexcloud.net	7 MB
15	yrsggseg.store 2 redirects yrsggseg.store	97 KB
13	cloud-shovelbill.com cloud-shovelbill.com	212 KB
9	gstatic.com www.gstatic.com fonts.gstatic.com	90 KB
3	googleapis.com firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 617 fonts.googleapis.com — Cisco Umbrella Rank: 30	2 KB
3	afrdtech.com afrdtech.com	20 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 136 td.doubleclick.net — Cisco Umbrella Rank: 192	544 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	158 KB
2	gsimvqfghc.com gsimvqfghc.com — Cisco Umbrella Rank: 377368	15 KB
1	fountain-yttrialite.com fountain-yttrialite.com	1 KB
1	ffrtrinvzk.com ffrtrinvzk.com — Cisco Umbrella Rank: 758870	4 KB
1	fountain-anthropos.com 1 redirects fountain-anthropos.com	1 KB
1	google.co.jp www.google.co.jp — Cisco Umbrella Rank: 26226	63 B
1	google.com analytics.google.com — Cisco Umbrella Rank: 147
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	28 KB
1	jftxhjttxh.lat 1 redirects jftxhjttxh.lat	234 B
67	16

	Domain	Requested by
15	storage.yandexcloud.net	yrsggseg.store
15	yrsggseg.store	2 redirects yrsggseg.store cdnjs.cloudflare.com
13	cloud-shovelbill.com	afrdtech.com cloud-shovelbill.com
6	fonts.gstatic.com	fonts.googleapis.com
3	afrdtech.com	yrsggseg.store afrdtech.com
3	www.gstatic.com	yrsggseg.store
2	firebaseinstallations.googleapis.com	www.gstatic.com
2	www.googletagmanager.com	www.gstatic.com www.googletagmanager.com
2	gsimvqfghc.com	yrsggseg.store cloud-shovelbill.com
1	fountain-yttrialite.com	cloud-shovelbill.com
1	fonts.googleapis.com	cloud-shovelbill.com
1	ffrtrinvzk.com	cloud-shovelbill.com
1	fountain-anthropos.com	1 redirects
1	www.google.co.jp	yrsggseg.store
1	td.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	cdnjs.cloudflare.com	yrsggseg.store
1	jftxhjttxh.lat	1 redirects
67	19

This site contains no links.

Subject Issuer	Validity	Valid
*.yrsggseg.store E6	`2024-10-17` - `2025-01-15`	3 months	crt.sh
*.website-1.yandexcloud.net GlobalSign RSA OV SSL CA 2018	`2024-07-12` - `2025-02-11`	7 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
*.gstatic.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
zyjbvnxiig.com R10	`2024-09-10` - `2024-12-09`	3 months	crt.sh
afrdtech.com R10	`2024-08-09` - `2024-11-07`	3 months	crt.sh
*.google-analytics.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
upload.video.google.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.google.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.doubleclick.net WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.google.co.jp WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
cloud-shovelbill.com WE1	`2024-10-03` - `2025-01-01`	3 months	crt.sh
expo-s.com R11	`2024-09-17` - `2024-12-16`	3 months	crt.sh
fountain-yttrialite.com R10	`2024-10-03` - `2025-01-01`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://cloud-shovelbill.com/?isd=1&sid6=Kaminari&sid9=1&type=back&utm_campaign=27859&utm_medium=7738&utm_source=
Frame ID: 1B51FB0C744B5E0847CAFDD7471495DA
Requests: 68 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-PW1KF6H42V&gacid=2136725318.1729290934&gtm=45je4ah0v880092253za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101529665~101533421~101686685&z=921164648
Frame ID: 137619DEEA846C1840B69B86BEC1D906
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MIXER NOVOSTEI

Page URL History Show full URLs

http://jftxhjttxh.lat/?shiny HTTP 307
https://jftxhjttxh.lat/?shiny HTTP 302
https://yrsggseg.store/ HTTP 302
https://yrsggseg.store/wid162/ HTTP 302
https://yrsggseg.store/cid534304568/ Page URL
https://fountain-anthropos.com/back?utm_campaign=27859&utm_source=&isd=1&utm_medium=7738&sid6=Kaminari HTTP 307
https://cloud-shovelbill.com/?isd=1&sid6=Kaminari&sid9=1&type=back&utm_campaign=27859&utm_medium=7738&utm... Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

67
Requests

100 %
HTTPS

39 %
IPv6

16
Domains

19
Subdomains

18
IPs

7
Countries

7312 kB
Transfer

8196 kB
Size

14
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://jftxhjttxh.lat/?shiny HTTP 307
https://jftxhjttxh.lat/?shiny HTTP 302
https://yrsggseg.store/ HTTP 302
https://yrsggseg.store/wid162/ HTTP 302
https://yrsggseg.store/cid534304568/ Page URL
https://fountain-anthropos.com/back?utm_campaign=27859&utm_source=&isd=1&utm_medium=7738&sid6=Kaminari HTTP 307
https://cloud-shovelbill.com/?isd=1&sid6=Kaminari&sid9=1&type=back&utm_campaign=27859&utm_medium=7738&utm_source= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://jftxhjttxh.lat/?shiny HTTP 307
https://jftxhjttxh.lat/?shiny HTTP 302
https://yrsggseg.store/ HTTP 302
https://yrsggseg.store/wid162/ HTTP 302
https://yrsggseg.store/cid534304568/

67 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
yrsggseg.store/cid534304568/
Redirect Chain

http://jftxhjttxh.lat/?shiny
https://jftxhjttxh.lat/?shiny
https://yrsggseg.store/
https://yrsggseg.store/wid162/
https://yrsggseg.store/cid534304568/

30 KB
7 KB

419ms
419ms

Document
text/html

2.58.67.161
FORNEX-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://yrsggseg.store/cid534304568/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2.58.67.161 Frankfurt am Main, Germany, ASN44051 (FORNEX-AS, ES),
Reverse DNS: dsde1342.fornex.org
Software: nginx / PHP/7.4.33
Resource Hash: a4d398c248b66c95dfbad161ca20b9df239e51c954e96550bbc3cecc8ad7ae6d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Fri, 18 Oct 2024 22:35:32 GMT
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

Redirect headers

access-control-allow-origin: *
content-type: text/html;charset=UTF-8
date: Fri, 18 Oct 2024 22:35:32 GMT
location: https://yrsggseg.store/cid534304568/
server: nginx
x-powered-by: PHP/7.4.33

GET
H2 200 style-main-i.css
yrsggseg.store/assets/templates/default/css/news/ 14 KB
4 KB 280ms
279ms Stylesheet
text/css 2.58.67.161
FORNEX-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://yrsggseg.store/assets/templates/default/css/news/style-main-i.css?v1

Requested by

Host: yrsggseg.store
URL: https://yrsggseg.store/cid534304568/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2.58.67.161 Frankfurt am Main, Germany, ASN44051 (FORNEX-AS, ES),

Reverse DNS

dsde1342.fornex.org

Software

nginx /

Resource Hash

34409a574b42da1c32af2783b23b27c56d8abdd97596927d5ab21ced3d714fef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://yrsggseg.store/cid534304568/

Response headers

content-encoding: gzip
etag: W/"66965e5a-364b"
x-content-type-options: nosniff
date: Fri, 18 Oct 2024 22:35:33 GMT
content-type: text/css
last-modified: Tue, 16 Jul 2024 11:49:46 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 main.js Show response
yrsggseg.store/assets/templates/default/js/news/ 27 KB
6 KB 281ms
280ms Script
application/javascript 2.58.67.161
FORNEX-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://yrsggseg.store/assets/templates/default/js/news/main.js?88

Requested by

Host: yrsggseg.store
URL: https://yrsggseg.store/cid534304568/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2.58.67.161 Frankfurt am Main, Germany, ASN44051 (FORNEX-AS, ES),

Reverse DNS

dsde1342.fornex.org

Software

nginx /

Resource Hash

ae4fcb6a148fb4d05ac2a51a48fdcb022c42b224b38e3bd1bfb5548615751ec5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://yrsggseg.store/cid534304568/

Response headers

content-encoding: gzip
etag: W/"66b5fecb-6b0a"
x-content-type-options: nosniff
date: Fri, 18 Oct 2024 22:35:33 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 09 Aug 2024 11:34:35 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 b92497a714663ea8ae96d9fae671aedb832de3b1.png
storage.yandexcloud.net/kma-vitrina/4cb90203564a5255ce7772765133f31a/ 16 KB
16 KB 3712ms
302ms Image
application/octet-stream 2a02:6b8::1d9
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.yandexcloud.net/kma-vitrina/4cb90203564a5255ce7772765133f31a/b92497a714663ea8ae96d9fae671aedb832de3b1.png
Requested by: Host: yrsggseg.store
URL: https://yrsggseg.store/cid534304568/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1d9 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://yrsggseg.store/

Response headers

etag: "744c36cb53d0ebbe8841a525e0f205fc"
x-amz-request-id: 002343f8d84a9e6f
accept-ranges: bytes
content-length: 15919
date: Fri, 18 Oct 2024 22:35:36 GMT
content-type: application/octet-stream
last-modified: Mon, 29 Aug 2022 14:35:33 GMT
server: nginx
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H2 200 e8275f7564ae1b971d080406188b4378058adf09-200x161.jpg
storage.yandexcloud.net/kma-vitrina/766d0837a7d1dfba19e65958e2fb28e9/ 14 KB
14 KB 3512ms
397ms Image
application/octet-stream 2a02:6b8::1d9
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.yandexcloud.net/kma-vitrina/766d0837a7d1dfba19e65958e2fb28e9/e8275f7564ae1b971d080406188b4378058adf09-200x161.jpg
Requested by: Host: yrsggseg.store
URL: https://yrsggseg.store/cid534304568/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1d9 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://yrsggseg.store/

Response headers

cache-control: max-age=604800
etag: "fee5a7fd88c6121199a728c7f12bfb48"
x-amz-request-id: e0f2f6e9ba8ce051
accept-ranges: bytes
content-length: 13909
date: Fri, 18 Oct 2024 22:35:36 GMT
content-type: application/octet-stream
last-modified: Tue, 01 Oct 2024 15:53:36 GMT
server: nginx
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H2 200 713a1ae737c86afb1518c372962700b6d85b268d-200x161.gif
storage.yandexcloud.net/kma-vitrina/766d0837a7d1dfba19e65958e2fb28e9/ 166 KB
167 KB 3210ms
376ms Image
image/gif 2a02:6b8::1d9
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.yandexcloud.net/kma-vitrina/766d0837a7d1dfba19e65958e2fb28e9/713a1ae737c86afb1518c372962700b6d85b268d-200x161.gif
Requested by: Host: yrsggseg.store
URL: https://yrsggseg.store/cid534304568/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1d9 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://yrsggseg.store/

Response headers

cache-control: max-age=604800
etag: "a3feca41f7db870331aaa3b02f6ab542"
x-amz-request-id: e8a71a45faaf9e03
accept-ranges: bytes
content-length: 170348
date: Fri, 18 Oct 2024 22:35:36 GMT
content-type: image/gif
last-modified: Wed, 02 Oct 2024 06:38:02 GMT
server: nginx
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H2 200 a2fe69ebd2008519b656e698ad2636ea2130d0bf-200x161.jpg
storage.yandexcloud.net/kma-vitrina/766d0837a7d1dfba19e65958e2fb28e9/ 14 KB
14 KB 2263ms
1006ms Image
application/octet-stream 2a02:6b8::1d9
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.yandexcloud.net/kma-vitrina/766d0837a7d1dfba19e65958e2fb28e9/a2fe69ebd2008519b656e698ad2636ea2130d0bf-200x161.jpg
Requested by: Host: yrsggseg.store
URL: https://yrsggseg.store/cid534304568/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1d9 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://yrsggseg.store/

Response headers

cache-control: max-age=604800
etag: "f837302e31b83f527cc20fb96f354406"
x-amz-request-id: 98745ad02612faf7
accept-ranges: bytes
content-length: 14119
date: Fri, 18 Oct 2024 22:35:34 GMT
content-type: application/octet-stream
last-modified: Wed, 09 Oct 2024 15:45:41 GMT
server: nginx
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H2 200 cd60fe6658854d83d64563ab5a951ae92c1cac89-200x161.jpeg
storage.yandexcloud.net/kma-vitrina/766d0837a7d1dfba19e65958e2fb28e9/ 17 KB
17 KB 1208ms
889ms Image
application/octet-stream 2a02:6b8::1d9
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.yandexcloud.net/kma-vitrina/766d0837a7d1dfba19e65958e2fb28e9/cd60fe6658854d83d64563ab5a951ae92c1cac89-200x161.jpeg
Requested by: Host: yrsggseg.store
URL: https://yrsggseg.store/cid534304568/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1d9 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 3e89bec9349d0382c3651885691fe6b0edc3eebd7a8f10eba5d41a0b046895e0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://yrsggseg.store/

Response headers

cache-control: max-age=604800
etag: "53d93fb77303025bec19f7355e771270"
x-amz-request-id: cb1b80e64f7ab5d4
accept-ranges: bytes
content-length: 17393
date: Fri, 18 Oct 2024 22:35:33 GMT
content-type: application/octet-stream
last-modified: Thu, 03 Oct 2024 03:15:49 GMT
server: nginx
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H2 200 522c548a420eb0c873e2d1bfe3b390f3ec73edc1-200x161.jpg
storage.yandexcloud.net/kma-vitrina/766d0837a7d1dfba19e65958e2fb28e9/ 19 KB
19 KB 3315ms
302ms Image
application/octet-stream 2a02:6b8::1d9
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.yandexcloud.net/kma-vitrina/766d0837a7d1dfba19e65958e2fb28e9/522c548a420eb0c873e2d1bfe3b390f3ec73edc1-200x161.jpg
Requested by: Host: yrsggseg.store
URL: https://yrsggseg.store/cid534304568/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1d9 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://yrsggseg.store/

Response headers

cache-control: max-age=604800
etag: "8c068cc6ef8371c0f9a45d0b4ab574a5"
x-amz-request-id: 46239b9547945617
accept-ranges: bytes
content-length: 19657
date: Fri, 18 Oct 2024 22:35:36 GMT
content-type: application/octet-stream
last-modified: Thu, 10 Oct 2024 15:05:36 GMT
server: nginx
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H2 200 22c8ec16521cb3e13c238e0f7ce1d87b1db8a99c-200x161.gif
storage.yandexcloud.net/kma-vitrina/766d0837a7d1dfba19e65958e2fb28e9/ 1 MB
1 MB 1820ms
921ms Image
image/gif 2a02:6b8::1d9
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.yandexcloud.net/kma-vitrina/766d0837a7d1dfba19e65958e2fb28e9/22c8ec16521cb3e13c238e0f7ce1d87b1db8a99c-200x161.gif
Requested by: Host: yrsggseg.store
URL: https://yrsggseg.store/cid534304568/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1d9 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://yrsggseg.store/

Response headers

cache-control: max-age=604800
etag: "34c41bfbdd38caedac57026e939934d3"
x-amz-request-id: 4d4f8e7dacf47a71
accept-ranges: bytes
content-length: 1196455
date: Fri, 18 Oct 2024 22:35:34 GMT
content-type: image/gif
last-modified: Thu, 10 Oct 2024 10:21:14 GMT
server: nginx
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H2 200 e8061f5c7e6d7a1f70249b2412c55b4d8829bbd7-400x235.jpg
storage.yandexcloud.net/kma-vitrina/766d0837a7d1dfba19e65958e2fb28e9/ 38 KB
38 KB 2772ms
776ms Image
application/octet-stream 2a02:6b8::1d9
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.yandexcloud.net/kma-vitrina/766d0837a7d1dfba19e65958e2fb28e9/e8061f5c7e6d7a1f70249b2412c55b4d8829bbd7-400x235.jpg
Requested by: Host: yrsggseg.store
URL: https://yrsggseg.store/cid534304568/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1d9 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://yrsggseg.store/

Response headers

cache-control: max-age=604800
etag: "0937d5a723ab0ce84cf3de77e1016f98"
x-amz-request-id: b51c97a103b346f5
accept-ranges: bytes
content-length: 39003
date: Fri, 18 Oct 2024 22:35:35 GMT
content-type: application/octet-stream
last-modified: Tue, 01 Oct 2024 13:41:23 GMT
server: nginx
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H2 200 1c3046e478174cc90e70489910d709297a2f98b5-400x235.gif
storage.yandexcloud.net/kma-vitrina/766d0837a7d1dfba19e65958e2fb28e9/ 3 MB
3 MB 1196ms
892ms Image
image/gif 2a02:6b8::1d9
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.yandexcloud.net/kma-vitrina/766d0837a7d1dfba19e65958e2fb28e9/1c3046e478174cc90e70489910d709297a2f98b5-400x235.gif
Requested by: Host: yrsggseg.store
URL: https://yrsggseg.store/cid534304568/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1d9 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://yrsggseg.store/

Response headers

cache-control: max-age=604800
etag: "dfa0eee04a43fe4a07ecd2ddecf342c5"
x-amz-request-id: 13a98d3388b75c9c
accept-ranges: bytes
content-length: 3373485
date: Fri, 18 Oct 2024 22:35:33 GMT
content-type: image/gif
last-modified: Mon, 14 Oct 2024 11:18:27 GMT
server: nginx
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H2 200 ab5d14493c3fc17562be3d70e2d9a1ca2f8fa751-400x235.gif
storage.yandexcloud.net/kma-vitrina/766d0837a7d1dfba19e65958e2fb28e9/ 2 MB
2 MB 899ms
595ms Image
image/gif 2a02:6b8::1d9
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.yandexcloud.net/kma-vitrina/766d0837a7d1dfba19e65958e2fb28e9/ab5d14493c3fc17562be3d70e2d9a1ca2f8fa751-400x235.gif
Requested by: Host: yrsggseg.store
URL: https://yrsggseg.store/cid534304568/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1d9 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://yrsggseg.store/

Response headers

cache-control: max-age=604800
etag: "71d83e6a5b917bacc145de46be0241d3"
x-amz-request-id: dac6f9f4ae8497b1
accept-ranges: bytes
content-length: 1823936
date: Fri, 18 Oct 2024 22:35:33 GMT
content-type: image/gif
last-modified: Mon, 14 Oct 2024 08:11:47 GMT
server: nginx
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H2 200 e6ac817030e9f7d2d51e81420b2f3a8f6ce0bca9-400x235.jpg
storage.yandexcloud.net/kma-vitrina/766d0837a7d1dfba19e65958e2fb28e9/ 27 KB
27 KB 886ms
582ms Image
application/octet-stream 2a02:6b8::1d9
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.yandexcloud.net/kma-vitrina/766d0837a7d1dfba19e65958e2fb28e9/e6ac817030e9f7d2d51e81420b2f3a8f6ce0bca9-400x235.jpg
Requested by: Host: yrsggseg.store
URL: https://yrsggseg.store/cid534304568/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1d9 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: e9c599a95f85a87a8961288a28727e3b63bf7837a22d41d0b636367d81da26ae

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://yrsggseg.store/

Response headers

cache-control: max-age=604800
etag: "6bdd9dee8df95c5001e20a844e522ec8"
x-amz-request-id: 14bfdb3d07ea2a38
accept-ranges: bytes
content-length: 27237
date: Fri, 18 Oct 2024 22:35:33 GMT
content-type: application/octet-stream
last-modified: Tue, 08 Oct 2024 16:59:24 GMT
server: nginx
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H2 200 498eef8c999b5910701653c30cd6c89b5ae8dd23-400x235.jpg
storage.yandexcloud.net/kma-vitrina/766d0837a7d1dfba19e65958e2fb28e9/ 40 KB
41 KB 1195ms
891ms Image
application/octet-stream 2a02:6b8::1d9
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.yandexcloud.net/kma-vitrina/766d0837a7d1dfba19e65958e2fb28e9/498eef8c999b5910701653c30cd6c89b5ae8dd23-400x235.jpg
Requested by: Host: yrsggseg.store
URL: https://yrsggseg.store/cid534304568/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1d9 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 0ce78c0984fc04f5b007518b147f15ffcf74a2342730fe15c30e37b3f552dd46

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://yrsggseg.store/

Response headers

cache-control: max-age=604800
etag: "af10660ce5a801a4da2a86113db4cc74"
x-amz-request-id: 97bc32b9b680d38a
accept-ranges: bytes
content-length: 41289
date: Fri, 18 Oct 2024 22:35:33 GMT
content-type: application/octet-stream
last-modified: Tue, 01 Oct 2024 14:19:40 GMT
server: nginx
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H2 200 e54eeb5dd4670d0a9584aba9d8bff1772aeaa8b4-400x235.jpg
storage.yandexcloud.net/kma-vitrina/766d0837a7d1dfba19e65958e2fb28e9/ 23 KB
24 KB 1194ms
890ms Image
application/octet-stream 2a02:6b8::1d9
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.yandexcloud.net/kma-vitrina/766d0837a7d1dfba19e65958e2fb28e9/e54eeb5dd4670d0a9584aba9d8bff1772aeaa8b4-400x235.jpg
Requested by: Host: yrsggseg.store
URL: https://yrsggseg.store/cid534304568/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1d9 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 473cb16ded780fdd29f54fa4263d89e7ed3deb24893a0edb1dd98ed1da5bfcb5

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://yrsggseg.store/

Response headers

cache-control: max-age=604800
etag: "704a0fc3ccbcbaee21856f43d46dabdb"
x-amz-request-id: b4587a71c5125e22
accept-ranges: bytes
content-length: 23829
date: Fri, 18 Oct 2024 22:35:33 GMT
content-type: application/octet-stream
last-modified: Thu, 03 Oct 2024 00:54:24 GMT
server: nginx
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H2 200 005464934271fd7280f5669e4ec64694e9b1f5b4-400x235.jpg
storage.yandexcloud.net/kma-vitrina/766d0837a7d1dfba19e65958e2fb28e9/ 33 KB
34 KB 3081ms
701ms Image
application/octet-stream 2a02:6b8::1d9
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.yandexcloud.net/kma-vitrina/766d0837a7d1dfba19e65958e2fb28e9/005464934271fd7280f5669e4ec64694e9b1f5b4-400x235.jpg
Requested by: Host: yrsggseg.store
URL: https://yrsggseg.store/cid534304568/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1d9 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://yrsggseg.store/

Response headers

cache-control: max-age=604800
etag: "885ccb55303797037f1c3985abffa6f6"
x-amz-request-id: 0a7d0953912e4391
accept-ranges: bytes
content-length: 34052
date: Fri, 18 Oct 2024 22:35:35 GMT
content-type: application/octet-stream
last-modified: Tue, 08 Oct 2024 16:37:36 GMT
server: nginx
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H2 200 635c8581b91e58c9955257f3f1203176456dee7a-400x235.jpg
storage.yandexcloud.net/kma-vitrina/766d0837a7d1dfba19e65958e2fb28e9/ 23 KB
24 KB 2772ms
793ms Image
application/octet-stream 2a02:6b8::1d9
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.yandexcloud.net/kma-vitrina/766d0837a7d1dfba19e65958e2fb28e9/635c8581b91e58c9955257f3f1203176456dee7a-400x235.jpg
Requested by: Host: yrsggseg.store
URL: https://yrsggseg.store/cid534304568/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1d9 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://yrsggseg.store/

Response headers

cache-control: max-age=604800
etag: "55118feaeb3d07056e21ae66bb376ec5"
x-amz-request-id: eb2cca04898778a6
accept-ranges: bytes
content-length: 23855
date: Fri, 18 Oct 2024 22:35:35 GMT
content-type: application/octet-stream
last-modified: Wed, 16 Oct 2024 18:47:24 GMT
server: nginx
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ 87 KB
28 KB 20ms
11ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: yrsggseg.store
URL: https://yrsggseg.store/cid534304568/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://yrsggseg.store/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb09ed3-15d84"
age: 174769
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p41Q6Nf8H4jn5fYmPTMLvB9Jo8bNqI2OPQUbDhqMDirkwpONWbo0DxLN6%2FYXf07EpRvHr5T56eeCcULRMLGvMnI4qn0KXRfYiEM93XR%2FcOJQTvL8He%2FEwwTsHeT6Zbni9%2BxHqRni"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 08 Oct 2025 22:35:33 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Oct 2024 22:35:33 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 23:01:39 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d4c008e0c1ddfe1-NRT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27958
server: cloudflare

GET
H2 200 loader.js Show response
yrsggseg.store/assets/templates/default/js/news/ 2 KB
712 B 282ms
279ms Script
application/javascript 2.58.67.161
FORNEX-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://yrsggseg.store/assets/templates/default/js/news/loader.js?4

Requested by

Host: yrsggseg.store
URL: https://yrsggseg.store/cid534304568/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2.58.67.161 Frankfurt am Main, Germany, ASN44051 (FORNEX-AS, ES),

Reverse DNS

dsde1342.fornex.org

Software

nginx /

Resource Hash

e966cf5b56ad9ddc50d3c5284cd8e1ba853c56841bfe052c4c4da134d70e6bb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://yrsggseg.store/cid534304568/

Response headers

content-encoding: gzip
etag: W/"6540c350-7af"
x-content-type-options: nosniff
date: Fri, 18 Oct 2024 22:35:33 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 31 Oct 2023 09:05:20 GMT
server: nginx
vary: Accept-Encoding

GET
H3 200 firebase-app.js Show response
www.gstatic.com/firebasejs/7.0.0/ 12 KB
4 KB 62ms
11ms Script
text/javascript 172.217.25.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.0.0/firebase-app.js

Requested by

Host: yrsggseg.store
URL: https://yrsggseg.store/cid534304568/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.25.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s13-in-f3.1e100.net

Software

sffe /

Resource Hash

f1cde4a10ecad8f1de7cc35e19e8c710266ee4308d7af9349d827e6486d1d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://yrsggseg.store/

Response headers

content-encoding: gzip
age: 43091
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options: nosniff
expires: Sat, 18 Oct 2025 10:37:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 18 Oct 2024 10:37:22 GMT
last-modified: Wed, 25 Sep 2019 21:08:26 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4048
x-xss-protection: 0
server: sffe

GET
H3 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/7.0.0/ 45 KB
12 KB 64ms
14ms Script
text/javascript 172.217.25.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.0.0/firebase-messaging.js

Requested by

Host: yrsggseg.store
URL: https://yrsggseg.store/cid534304568/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.25.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s13-in-f3.1e100.net

Software

sffe /

Resource Hash

cf0ffaf3d4a4821f6a3ac85bfb0e14a3ba3a81046be00bd3e07e1f5ba0e9650b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://yrsggseg.store/

Response headers

content-encoding: gzip
age: 100084
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 18:47:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 18:47:29 GMT
last-modified: Wed, 25 Sep 2019 21:08:27 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges: bytes
access-control-allow-origin: *
content-length: 11922
x-xss-protection: 0
server: sffe

GET
H3 200 firebase-analytics.js Show response
www.gstatic.com/firebasejs/7.0.0/ 21 KB
7 KB 61ms
11ms Script
text/javascript 172.217.25.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.0.0/firebase-analytics.js

Requested by

Host: yrsggseg.store
URL: https://yrsggseg.store/cid534304568/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.25.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s13-in-f3.1e100.net

Software

sffe /

Resource Hash

86a3f1f07da34aa7a02a017e2425b970cc3a6e93e7b65e52374ad9fe7f38d4fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://yrsggseg.store/

Response headers

content-encoding: gzip
age: 100084
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 18:47:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 18:47:29 GMT
last-modified: Wed, 25 Sep 2019 21:08:27 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6830
x-xss-protection: 0
server: sffe

GET
H2 200 firebase_subscribe_v2.js Show response
yrsggseg.store/assets/js/ 8 KB
2 KB 283ms
280ms Script
application/javascript 2.58.67.161
FORNEX-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://yrsggseg.store/assets/js/firebase_subscribe_v2.js?v2

Requested by

Host: yrsggseg.store
URL: https://yrsggseg.store/cid534304568/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2.58.67.161 Frankfurt am Main, Germany, ASN44051 (FORNEX-AS, ES),

Reverse DNS

dsde1342.fornex.org

Software

nginx /

Resource Hash

f8b2fffaa84d5af755ed88807338b0d0a33919d5935a82810a822a72a53b6958

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://yrsggseg.store/cid534304568/

Response headers

content-encoding: gzip
etag: W/"64ca1064-1ed7"
x-content-type-options: nosniff
date: Fri, 18 Oct 2024 22:35:33 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 02 Aug 2023 08:14:28 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 fe5cd2d78fbe33d7fae38c932a44671ab251d59b.js Show response
gsimvqfghc.com/v2/185312/ 29 KB
8 KB 1622ms
353ms Script
application/javascript 116.202.32.33
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gsimvqfghc.com/v2/185312/fe5cd2d78fbe33d7fae38c932a44671ab251d59b.js
Requested by: Host: yrsggseg.store
URL: https://yrsggseg.store/cid534304568/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.32.33 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.33.32.202.116.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: a636da6d812c1e827aa01bfa1d456e1b9f8f1a8ff9d8484aa00577b47a39e3db

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://yrsggseg.store/

Response headers

access-control-allow-headers: *
cache-control: max-age=315360000
access-control-expose-headers: *
content-encoding: gzip
etag: W/"66c5c592-7281"
access-control-allow-methods: GET
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
date: Fri, 18 Oct 2024 22:35:34 GMT
content-type: application/javascript
last-modified: Wed, 21 Aug 2024 10:46:42 GMT
server: nginx/1.18.0
vary: Accept-Encoding

GET
H2 200 header.css
yrsggseg.store/assets/templates/default/css/news/other/ 9 KB
2 KB 280ms
280ms Stylesheet
text/css 2.58.67.161
FORNEX-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://yrsggseg.store/assets/templates/default/css/news/other/header.css?27

Requested by

Host: yrsggseg.store
URL: https://yrsggseg.store/cid534304568/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2.58.67.161 Frankfurt am Main, Germany, ASN44051 (FORNEX-AS, ES),

Reverse DNS

dsde1342.fornex.org

Software

nginx /

Resource Hash

ec51c774b9b96a9a3d7065b08f4ec039e33c237489b89f367be9b453664177d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://yrsggseg.store/cid534304568/

Response headers

content-encoding: gzip
etag: W/"63f612b1-242a"
x-content-type-options: nosniff
date: Fri, 18 Oct 2024 22:35:33 GMT
content-type: text/css
last-modified: Wed, 22 Feb 2023 13:03:45 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 script.js Show response
afrdtech.com/v1/ 48 KB
20 KB 1048ms
519ms Script
application/javascript 31.220.27.154
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://afrdtech.com/v1/script.js?kmnrKey=169217547
Requested by: Host: yrsggseg.store
URL: https://yrsggseg.store/cid534304568/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.154 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: e1c776eea8393704c5959d943c490a9613abc8585805d3ad88f0cdcaae03db2d

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://yrsggseg.store/

Response headers

content-encoding: gzip
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
date: Fri, 18 Oct 2024 22:35:34 GMT
content-type: application/javascript
vary: Accept-Encoding
server: nginx
access-control-allow-headers: X-Requested-With, Cache-Control, Content-Type

GET
H2 200 user.svg
yrsggseg.store/assets/templates/default/img/ 7 KB
7 KB 282ms
281ms Other
image/svg+xml 2.58.67.161
FORNEX-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://yrsggseg.store/assets/templates/default/img/user.svg

Requested by

Host: yrsggseg.store
URL: https://yrsggseg.store/cid534304568/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2.58.67.161 Frankfurt am Main, Germany, ASN44051 (FORNEX-AS, ES),

Reverse DNS

dsde1342.fornex.org

Software

nginx /

Resource Hash

3c002f78e6b0343dafdbe4f8d4e681018c9b309f1ee0b5c7b1ee7b4a50d90aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://yrsggseg.store/cid534304568/

Response headers

etag: "63c13fb9-1b0a"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 6922
date: Fri, 18 Oct 2024 22:35:33 GMT
content-type: image/svg+xml
last-modified: Fri, 13 Jan 2023 11:25:45 GMT
server: nginx

GET
DATA 200
OK truncated
/ 672 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f0e08168b5ff08a100f5b390f7b5f7bb73bfd753fca09e6a8bf623ac4a45668

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 hand.png
yrsggseg.store/assets/templates/default/img/news/ 249 B
393 B 283ms
281ms Image
image/png 2.58.67.161
FORNEX-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yrsggseg.store/assets/templates/default/img/news/hand.png?v1

Requested by

Host: yrsggseg.store
URL: https://yrsggseg.store/assets/templates/default/css/news/style-main-i.css?v1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2.58.67.161 Frankfurt am Main, Germany, ASN44051 (FORNEX-AS, ES),

Reverse DNS

dsde1342.fornex.org

Software

nginx /

Resource Hash

4babca93a9993a25b80b39a3854bb68164eaffc628553eb03d7fe178b4d017de

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://yrsggseg.store/assets/templates/default/css/news/style-main-i.css?v1

Response headers

etag: "63049a5b-f9"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 249
date: Fri, 18 Oct 2024 22:35:33 GMT
content-type: image/png
last-modified: Tue, 23 Aug 2022 09:14:03 GMT
server: nginx

GET
DATA 200
OK truncated
/ 781 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82edce7e35d30e0cc2a8915d1c60743690309c42a1c80a47bae082a23042a456

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 Rubik_le.woff2
yrsggseg.store/assets/templates/default/fonts/ 9 KB
9 KB 542ms
541ms Font
font/woff2 2.58.67.161
FORNEX-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://yrsggseg.store/assets/templates/default/fonts/Rubik_le.woff2

Requested by

Host: yrsggseg.store
URL: https://yrsggseg.store/assets/templates/default/css/news/style-main-i.css?v1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2.58.67.161 Frankfurt am Main, Germany, ASN44051 (FORNEX-AS, ES),

Reverse DNS

dsde1342.fornex.org

Software

nginx /

Resource Hash

bc5e3f537ba97c13b992672f827efac63725b8155943ed4c9d693be080619249

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://yrsggseg.store
Referer: https://yrsggseg.store/assets/templates/default/css/news/style-main-i.css?v1

Response headers

etag: "63049a5b-2208"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 8712
date: Fri, 18 Oct 2024 22:35:33 GMT
content-type: font/woff2
last-modified: Tue, 23 Aug 2022 09:14:03 GMT
server: nginx

GET
H2 200 Rubik_c.woff2
yrsggseg.store/assets/templates/default/fonts/ 7 KB
7 KB 547ms
547ms Font
font/woff2 2.58.67.161
FORNEX-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://yrsggseg.store/assets/templates/default/fonts/Rubik_c.woff2

Requested by

Host: yrsggseg.store
URL: https://yrsggseg.store/assets/templates/default/css/news/style-main-i.css?v1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2.58.67.161 Frankfurt am Main, Germany, ASN44051 (FORNEX-AS, ES),

Reverse DNS

dsde1342.fornex.org

Software

nginx /

Resource Hash

116c9b0abb3aace227bdefb77301a1a6b1c15cd74a13dc96fb83ea5ab4fb11fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://yrsggseg.store
Referer: https://yrsggseg.store/assets/templates/default/css/news/style-main-i.css?v1

Response headers

etag: "63049a5b-1c80"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 7296
date: Fri, 18 Oct 2024 22:35:33 GMT
content-type: font/woff2
last-modified: Tue, 23 Aug 2022 09:14:03 GMT
server: nginx

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 135 KB
52 KB 110ms
51ms Script
application/javascript 2404:6800:400a:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?l=dataLayer

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/7.0.0/firebase-analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2008 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e1b51e197d1684914edd27084f19a1fb7e7d2d5b4f6b0457c8faded272cee870

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://yrsggseg.store/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 18 Oct 2024 22:35:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 18 Oct 2024 22:35:33 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 18 Oct 2024 21:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 52462
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 mon-cyr.woff2
yrsggseg.store/assets/templates/default/fonts/ 21 KB
21 KB 280ms
279ms Font
font/woff2 2.58.67.161
FORNEX-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://yrsggseg.store/assets/templates/default/fonts/mon-cyr.woff2

Requested by

Host: yrsggseg.store
URL: https://yrsggseg.store/assets/templates/default/css/news/other/header.css?27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2.58.67.161 Frankfurt am Main, Germany, ASN44051 (FORNEX-AS, ES),

Reverse DNS

dsde1342.fornex.org

Software

nginx /

Resource Hash

a8447cdec51e85d9e93971a0d4a53bcf6085d70bf1d201662837d2fb953422c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://yrsggseg.store
Referer: https://yrsggseg.store/assets/templates/default/css/news/other/header.css?27

Response headers

etag: "63c13fb9-531c"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 21276
date: Fri, 18 Oct 2024 22:35:33 GMT
content-type: font/woff2
last-modified: Fri, 13 Jan 2023 11:25:45 GMT
server: nginx

GET
H2 200 mon-let-ext.woff2
yrsggseg.store/assets/templates/default/fonts/ 30 KB
30 KB 495ms
494ms Font
font/woff2 2.58.67.161
FORNEX-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://yrsggseg.store/assets/templates/default/fonts/mon-let-ext.woff2

Requested by

Host: yrsggseg.store
URL: https://yrsggseg.store/assets/templates/default/css/news/other/header.css?27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2.58.67.161 Frankfurt am Main, Germany, ASN44051 (FORNEX-AS, ES),

Reverse DNS

dsde1342.fornex.org

Software

nginx /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://yrsggseg.store
Referer: https://yrsggseg.store/assets/templates/default/css/news/other/header.css?27

Response headers

etag: "63c13fb9-78d0"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 30928
date: Fri, 18 Oct 2024 22:35:33 GMT
content-type: font/woff2
last-modified: Fri, 13 Jan 2023 11:25:45 GMT
server: nginx

POST
H2 200 installations Show response
firebaseinstallations.googleapis.com/v1/projects/kmapushnew/ 625 B
678 B 677ms
675ms Fetch
application/json 2404:6800:400a:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/kmapushnew/installations

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/7.0.0/firebase-messaging.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:804::200a Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fd6c5a60eda4b4e57727fab5af143e95ceda05affc9236054c0d34bfa1aeca7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-goog-api-key: AIzaSyBS79MAarlp3mkVOxxUBGOtkl1Gif7dOGI
Referer: https://yrsggseg.store/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept: application/json
content-type: application/json

Response headers

cache-control: private
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: https://yrsggseg.store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 488
date: Fri, 18 Oct 2024 22:35:34 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
server: ESF
x-frame-options: SAMEORIGIN

OPTIONS
H2 200 installations
firebaseinstallations.googleapis.com/v1/projects/kmapushnew/ Frame 0
0 142ms
47ms Preflight
text/html 2404:6800:400a:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/kmapushnew/installations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:804::200a Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key
Access-Control-Request-Method: POST
Origin: https://yrsggseg.store
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-headers: content-type,x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://yrsggseg.store
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 18 Oct 2024 22:35:33 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 321 KB
106 KB 63ms
62ms Script
application/javascript 2404:6800:400a:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PW1KF6H42V&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2008 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7493921e72c1e87a1794c866ac813d82f4b6146964f5b311f6d5f688a394362e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://yrsggseg.store/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 18 Oct 2024 22:35:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 18 Oct 2024 22:35:33 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 108212
x-xss-protection: 0
server: Google Tag Manager

POST
H2 204 collect
analytics.google.com/g/ 0
0 112ms
49ms Fetch
text/plain 2404:6800:400a:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-PW1KF6H42V&gtm=45je4ah0v880092253za200&_p=1729290933806&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101529665~101533421~101686685&_fid=fu63jt9MeM-fmmioTBcSez&cid=2136725318.1729290934&ul=ja-jp&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1729290934&sct=1&seg=0&dl=https%3A%2F%2Fyrsggseg.store%2Fcid534304568%2F&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.origin=firebase&tfd=3464
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PW1KF6H42V&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:400a:80a::200e Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://yrsggseg.store/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://yrsggseg.store
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 18 Oct 2024 22:35:34 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
544 B 160ms
49ms Ping
text/plain 2404:6800:4008:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-PW1KF6H42V&cid=2136725318.1729290934&gtm=45je4ah0v880092253za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101529665~101533421~101686685
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PW1KF6H42V&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c01::9b Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://yrsggseg.store/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://yrsggseg.store
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 18 Oct 2024 22:35:34 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 1376 0
0 112ms
52ms Document
text/html 2404:6800:400a:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-PW1KF6H42V&gacid=2136725318.1729290934&gtm=45je4ah0v880092253za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101529665~101533421~101686685&z=921164648

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PW1KF6H42V&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:804::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yrsggseg.store/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 18 Oct 2024 22:35:34 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.co.jp/ads/ 42 B
63 B 90ms
46ms Image
image/gif 172.217.31.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-PW1KF6H42V&cid=2136725318.1729290934&gtm=45je4ah0v880092253za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101529665~101533421~101686685&tag_exp=101529665~101533421~101686685&z=2111075293

Requested by

Host: yrsggseg.store
URL: https://yrsggseg.store/cid534304568/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.31.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s08-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://yrsggseg.store/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 18 Oct 2024 22:35:34 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

OPTIONS
H2 204 check
afrdtech.com/v2/ Frame 0
0 750ms
248ms Preflight 31.220.27.154
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://afrdtech.com/v2/check
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.154 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://yrsggseg.store
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,pragma,Authorization,
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT, PATCH, HEAD, TRACE, CONNECT
access-control-allow-origin: https://yrsggseg.store
date: Fri, 18 Oct 2024 22:35:35 GMT
server: nginx

POST
H2 200 check Show response
afrdtech.com/v2/ 22 B
296 B 251ms
249ms Fetch
application/json 31.220.27.154
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://afrdtech.com/v2/check
Requested by: Host: afrdtech.com
URL: https://afrdtech.com/v1/script.js?kmnrKey=169217547
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.154 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8a52883bc11745d865bf859ce29d2719dde46ff978c4b0d4e5e08300e9e14cac

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-type: application/json
Referer: https://yrsggseg.store/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://yrsggseg.store
date: Fri, 18 Oct 2024 22:35:35 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx
access-control-allow-headers: X-Requested-With, Cache-Control, Content-Type

GET
H3

200

Primary Request / Show response
cloud-shovelbill.com/
Redirect Chain

https://fountain-anthropos.com/back?utm_campaign=27859&utm_source=&isd=1&utm_medium=7738&sid6=Kaminari
https://cloud-shovelbill.com/?isd=1&sid6=Kaminari&sid9=1&type=back&utm_campaign=27859&utm_medium=7738&utm_source=

15 KB
7 KB

1117ms
1100ms

Document
text/html

172.67.217.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud-shovelbill.com/?isd=1&sid6=Kaminari&sid9=1&type=back&utm_campaign=27859&utm_medium=7738&utm_source=
Requested by: Host: afrdtech.com
URL: https://afrdtech.com/v1/script.js?kmnrKey=169217547
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.217.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f830ae4195fb390942a510e6f8a721b1788b58ea3b69c3d31d3c7b1e28f44027

Request headers

Referer: https://yrsggseg.store/cid534304568/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Requested-With
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8d4c00a3bb695ebb-NRT
content-encoding: zstd
content-type: text/html; charset=utf-8
date: Fri, 18 Oct 2024 22:35:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N3Rqwcbqya3nMZBsqjcePfonpzLoW%2FEm0ysFRDzYS23j50t1g%2FZ%2BqueeoSGqG6fM%2BlrHRwFTdrWrGxb%2FqXxSwkrMWADHREBL0HbKZ2Rj8Es7CILSl9ox0R%2FWWBWu0mGZ%2Fxp%2F3v4oHw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x_domain: cloud-shovelbill.com
x_theme: dzfancy-06-without-dmp2.mobile

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Cookie, Set-Cookie
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://yrsggseg.store
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 172
Content-Type: text/html; charset=utf-8
Date: Fri, 18 Oct 2024 22:35:36 GMT
Location: https://cloud-shovelbill.com?isd=1&sid6=Kaminari&sid9=1&type=back&utm_campaign=27859&utm_medium=7738&utm_source=
Server: nginx/1.18.0 (Ubuntu)

POST
H2 200 cid534304568
yrsggseg.store/show-teaser-list/ 20 B
186 B 291ms
290ms XHR
application/json 2.58.67.161
FORNEX-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://yrsggseg.store/show-teaser-list/cid534304568
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2.58.67.161 Frankfurt am Main, Germany, ASN44051 (FORNEX-AS, ES),
Reverse DNS: dsde1342.fornex.org
Software: nginx / PHP/7.4.33
Resource Hash

Request headers

Referer: https://yrsggseg.store/cid534304568/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Accept: */*
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
content-encoding: gzip
date: Fri, 18 Oct 2024 22:35:35 GMT
content-type: application/json;charset=UTF-8
vary: Accept-Encoding
server: nginx
x-powered-by: PHP/7.4.33

GET
H3 200 grid.min.css
cloud-shovelbill.com/static/dzfancy-06-without-dmp2.mobile/css/ 51 KB
7 KB 277ms
276ms Stylesheet
text/css 172.67.217.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud-shovelbill.com/static/dzfancy-06-without-dmp2.mobile/css/grid.min.css
Requested by: Host: cloud-shovelbill.com
URL: https://cloud-shovelbill.com/?isd=1&sid6=Kaminari&sid9=1&type=back&utm_campaign=27859&utm_medium=7738&utm_source=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.217.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21226ae8892fd9920a89d1c1b2a1f17a93b600e6d88d7427a878fdd964340e8d

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://cloud-shovelbill.com/?isd=1&sid6=Kaminari&sid9=1&type=back&utm_campaign=27859&utm_medium=7738&utm_source=

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"6710ee49-ca40"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JkV99CgzTKQbNGRIMRo7pwj%2FWIKgW0swfxpx9as7RV1ddDSZNabJ43HP3ij%2FFHjHKh2Mwpr2LHB5niaTjGJHuayaollYUgmtiwqF9lkfm6rwfEjb0HpZj6JXuaXSA1HvjqLA1w7pjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d4c00aaa9da5ebb-NRT
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Oct 2024 22:35:38 GMT
content-type: text/css
last-modified: Thu, 17 Oct 2024 11:00:25 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 app.3a7166a8.css
cloud-shovelbill.com/css/ 7 KB
3 KB 1015ms
1014ms Stylesheet
text/html 172.67.217.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud-shovelbill.com/css/app.3a7166a8.css
Requested by: Host: cloud-shovelbill.com
URL: https://cloud-shovelbill.com/?isd=1&sid6=Kaminari&sid9=1&type=back&utm_campaign=27859&utm_medium=7738&utm_source=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.217.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6638f937357548333f92616473f70dfebbe917292b8d422456b785502d0f34de

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://cloud-shovelbill.com/?isd=1&sid6=Kaminari&sid9=1&type=back&utm_campaign=27859&utm_medium=7738&utm_source=

Response headers

x_domain: cloud-shovelbill.com
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sx5FwQzYFOGY9I2CDzl7VWeL2W4Q%2F0G9tXB0cltTAIOmkCBlEPYyhH3%2ByRgoTob%2B7hCC1Nl%2BDtl7VnefPaw9n9%2BP4n0ILtYU2qcb%2BeFDHKU4CwW8JVB4uOjKasRLHaawHmrgoiX9hg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
cf-ray: 8d4c00aaa9dd5ebb-NRT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Oct 2024 22:35:39 GMT
x_theme: dzfancy-06-without-dmp2.mobile
content-type: text/html; charset=utf-8
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Requested-With

GET
H3 200 app.55640dbc.js Show response
cloud-shovelbill.com/static/dzfancy-06-without-dmp2.mobile/js/ 51 KB
10 KB 1131ms
1129ms Script
application/javascript 172.67.217.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud-shovelbill.com/static/dzfancy-06-without-dmp2.mobile/js/app.55640dbc.js
Requested by: Host: cloud-shovelbill.com
URL: https://cloud-shovelbill.com/?isd=1&sid6=Kaminari&sid9=1&type=back&utm_campaign=27859&utm_medium=7738&utm_source=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.217.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f15db2c8b4afb9bc81645b20508460542df200f290898d087f60c6b5633adc2d

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://cloud-shovelbill.com/?isd=1&sid6=Kaminari&sid9=1&type=back&utm_campaign=27859&utm_medium=7738&utm_source=

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"6710ee49-ca49"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BJB%2BZFnfDjBrtYkyK1TgdgAkgVm9JHFzR3y%2BehOwMhytkqPxJ0dHUmcPEtgquIt1J2JDuRELv%2FpiB40W2Km9eQI%2F62jXJPjx%2BW6%2B1bUiAIa6%2Bt1chyIl4EQz0dIK3BcyoH6eKUFIGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d4c00aaa9df5ebb-NRT
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Oct 2024 22:35:39 GMT
content-type: application/javascript
last-modified: Thu, 17 Oct 2024 11:00:25 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 chunk-vendors.e6e89e13.js Show response
cloud-shovelbill.com/static/dzfancy-06-without-dmp2.mobile/js/ 281 KB
95 KB 1349ms
1347ms Script
application/javascript 172.67.217.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud-shovelbill.com/static/dzfancy-06-without-dmp2.mobile/js/chunk-vendors.e6e89e13.js
Requested by: Host: cloud-shovelbill.com
URL: https://cloud-shovelbill.com/?isd=1&sid6=Kaminari&sid9=1&type=back&utm_campaign=27859&utm_medium=7738&utm_source=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.217.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d92d1e8c2aa88f3f8bae422ee5f602f6a41b5eaafc4d1998e975f3b6e12d5155

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://cloud-shovelbill.com/?isd=1&sid6=Kaminari&sid9=1&type=back&utm_campaign=27859&utm_medium=7738&utm_source=

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"6710ee49-46390"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ReJii8kml%2FbQZWA0%2B4uHKVBgROxj3p2ePeXA%2BQVMFj8exawWaAWosLaTQ3cZSqIS6UjUK46g9lduIQODNqvUzbt5bxmUAxyMP5rRCG4SMDbVLT0jPKP2fPuZAAS%2BVT36mfBIcc6hZw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d4c00aaa9e25ebb-NRT
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Oct 2024 22:35:39 GMT
content-type: application/javascript
last-modified: Thu, 17 Oct 2024 11:00:25 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 749a797bad14b6d45e1234ecbcceda74bcb7d35a.js Show response
ffrtrinvzk.com/1/ 14 KB
4 KB 1045ms
347ms Script
application/javascript 116.202.32.33
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ffrtrinvzk.com/1/749a797bad14b6d45e1234ecbcceda74bcb7d35a.js
Requested by: Host: cloud-shovelbill.com
URL: https://cloud-shovelbill.com/?isd=1&sid6=Kaminari&sid9=1&type=back&utm_campaign=27859&utm_medium=7738&utm_source=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.32.33 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.33.32.202.116.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 4b26a993d0e9df6b4e29646cee2c138b23f005df838f3ced20e4140b1bb3b29d

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://cloud-shovelbill.com/

Response headers

access-control-allow-headers: *
cache-control: max-age=315360000
access-control-expose-headers: *
content-encoding: gzip
etag: W/"669544d1-3808"
access-control-allow-methods: GET
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
date: Fri, 18 Oct 2024 22:35:39 GMT
content-type: application/javascript
last-modified: Mon, 15 Jul 2024 15:48:33 GMT
server: nginx/1.18.0
vary: Accept-Encoding

GET
H3 200 style.min.css
cloud-shovelbill.com/static/dzfancy-06-without-dmp2.mobile/css/ 39 KB
10 KB 1113ms
1112ms Stylesheet
text/css 172.67.217.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud-shovelbill.com/static/dzfancy-06-without-dmp2.mobile/css/style.min.css
Requested by: Host: cloud-shovelbill.com
URL: https://cloud-shovelbill.com/?isd=1&sid6=Kaminari&sid9=1&type=back&utm_campaign=27859&utm_medium=7738&utm_source=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.217.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf36420b57a883842d242688c54a2b959369a3fb82eefd4f7458fc3fcd9ec922

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://cloud-shovelbill.com/?isd=1&sid6=Kaminari&sid9=1&type=back&utm_campaign=27859&utm_medium=7738&utm_source=

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"6710ee49-9c76"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eLvBn4ChrR4BiDkuzayxP6SLXlr2hyzGOSNo5y%2FQAy0MMW5EHh7%2BH6r9GdlqipkMvzE9A33fbKJQcd6ASDDUv5rR067Z33tRqkKllXVuilhnvHvSGh9HFJJzmhU%2BKKh2D9ImxiyrdA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d4c00aaa9e45ebb-NRT
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Oct 2024 22:35:39 GMT
content-type: text/css
last-modified: Thu, 17 Oct 2024 11:00:25 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 lato.css
cloud-shovelbill.com/static/news-fancy.mobile/fonts/ 5 KB
1019 B 992ms
991ms Stylesheet
text/css 172.67.217.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud-shovelbill.com/static/news-fancy.mobile/fonts/lato.css
Requested by: Host: cloud-shovelbill.com
URL: https://cloud-shovelbill.com/?isd=1&sid6=Kaminari&sid9=1&type=back&utm_campaign=27859&utm_medium=7738&utm_source=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.217.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da7fa5030c69ae7ff4b4f1a18496dec4be42da9ceb036987b6cafdaf2d021671

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://cloud-shovelbill.com/?isd=1&sid6=Kaminari&sid9=1&type=back&utm_campaign=27859&utm_medium=7738&utm_source=

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"61ea7305-1339"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VvV%2FoBorovTLaBNHd45w10z8D9jFOFxqNxkDaVuMGQBONrEyIAHiw%2FOqP%2FiCv3nCe8niWzaoeD68VbjlFEDichaKEKWmYY0ky6ezssMsWCDlxZeEce1cm16n3c3FJPh15PWgH7qeTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d4c00aaa9e75ebb-NRT
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Oct 2024 22:35:39 GMT
content-type: text/css
last-modified: Fri, 21 Jan 2022 08:47:01 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 19 KB
1 KB 105ms
51ms Stylesheet
text/css 2404:6800:400a:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;1,400;1,500;1,700&display=swap

Requested by

Host: cloud-shovelbill.com
URL: https://cloud-shovelbill.com/?isd=1&sid6=Kaminari&sid9=1&type=back&utm_campaign=27859&utm_medium=7738&utm_source=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::200a Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bb91f68842ffdd010c7f67aacce09625c99aa852b1a7ca80f7b6cb65f39c0416

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://cloud-shovelbill.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, max-age=86400
timing-allow-origin: *
content-encoding: gzip
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 18 Oct 2024 22:35:38 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 18 Oct 2024 22:35:38 GMT
x-xss-protection: 0
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server: ESF
x-frame-options: SAMEORIGIN

GET
DATA 200
OK truncated
/ 153 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9907d5fc9e36bd3a58a9542199de02ffae719363656c040ca10e3d5e80fb970d

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type: image/svg+xml

GET
H3 200 KFOlCnqEu92Fr1MmWUlfABc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v32/ 7 KB
7 KB 75ms
14ms Font
font/woff2 142.250.76.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfABc4AMP6lbBP.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;1,400;1,500;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.131 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s06-in-f3.1e100.net

Software

sffe /

Resource Hash

7c226cdfec4156a02a5cd67f8ee22b58514f91d40869e052f066f1b62ede7c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://cloud-shovelbill.com
Referer: https://fonts.googleapis.com/

Response headers

age: 63636
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 18 Oct 2025 04:55:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 18 Oct 2024 04:55:03 GMT
last-modified: Thu, 01 Aug 2024 20:41:26 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6828
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v32/ 13 KB
13 KB 72ms
12ms Font
font/woff2 142.250.76.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;1,400;1,500;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.131 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s06-in-f3.1e100.net

Software

sffe /

Resource Hash

0a7fc3de6341e5ab2853f213dbf792903cd35039daa9530a649a20a877ccac8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://cloud-shovelbill.com
Referer: https://fonts.googleapis.com/

Response headers

age: 64452
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 18 Oct 2025 04:41:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 18 Oct 2024 04:41:27 GMT
last-modified: Thu, 01 Aug 2024 20:41:26 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13408
x-xss-protection: 0
server: sffe

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76975ba315befd03dd68246f65598f13854cda92700123dd8a0635fd3baf2b65

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type: image/png

GET
H3 200 fontawesome-webfont.woff2
cloud-shovelbill.com/static/dzfancy-06-without-dmp2.mobile/css/ 75 KB
76 KB 540ms
539ms Font
font/woff2 172.67.217.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud-shovelbill.com/static/dzfancy-06-without-dmp2.mobile/css/fontawesome-webfont.woff2
Requested by: Host: cloud-shovelbill.com
URL: https://cloud-shovelbill.com/static/dzfancy-06-without-dmp2.mobile/css/style.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.217.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://cloud-shovelbill.com
Referer: https://cloud-shovelbill.com/static/dzfancy-06-without-dmp2.mobile/css/style.min.css

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
etag: "6710ee49-12d68"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ex0bayPPvy402jpFnsVvwymBL8xeiRhnZ485oAtyX%2BE8zj9v7H%2BnOh0X5ycJYQlW75ZfmPPtObVmDx0WqyG%2FpM%2Fd7%2BDidbT7ahdvK3tS6Dx7lLm4CoK%2B%2B%2FGw4WZYO62WQexMXZTJwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d4c00b58ac35ebb-NRT
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 77160
date: Fri, 18 Oct 2024 22:35:40 GMT
content-type: font/woff2
last-modified: Thu, 17 Oct 2024 11:00:25 GMT
server: cloudflare

GET
H3 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v32/ 13 KB
13 KB 10ms
9ms Font
font/woff2 142.250.76.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;1,400;1,500;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.131 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s06-in-f3.1e100.net

Software

sffe /

Resource Hash

bf9cfe01317e3758dd38982921dc1f26cc7243237d02e7ed90d3830b6f4e8ed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://cloud-shovelbill.com
Referer: https://fonts.googleapis.com/

Response headers

age: 96556
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 19:46:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 19:46:23 GMT
last-modified: Thu, 01 Aug 2024 20:41:22 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13388
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v32/ 6 KB
6 KB 10ms
10ms Font
font/woff2 142.250.76.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;1,400;1,500;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.131 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s06-in-f3.1e100.net

Software

sffe /

Resource Hash

1aaa85b178d2582c05a057b886abc2493e994c13e8df64ad52eee764957af337

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://cloud-shovelbill.com
Referer: https://fonts.googleapis.com/

Response headers

age: 53888
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 18 Oct 2025 07:37:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 18 Oct 2024 07:37:31 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6576
x-xss-protection: 0
server: sffe

GET
H2 200 45e49f4106a03e252cc9665e791faa6b5f9f6063.js Show response
gsimvqfghc.com/v2/153092/ 29 KB
8 KB 1724ms
1022ms Script
application/javascript 116.202.32.31
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gsimvqfghc.com/v2/153092/45e49f4106a03e252cc9665e791faa6b5f9f6063.js
Requested by: Host: cloud-shovelbill.com
URL: https://cloud-shovelbill.com/?isd=1&sid6=Kaminari&sid9=1&type=back&utm_campaign=27859&utm_medium=7738&utm_source=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.32.31 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.31.32.202.116.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 8ac2e013963f57e8530dce22298704ef96e265b8d469043d0dd2d1e1d89d89e2

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://cloud-shovelbill.com/

Response headers

access-control-allow-headers: *
cache-control: max-age=315360000
access-control-expose-headers: *
content-encoding: gzip
etag: W/"66cf09bb-7222"
access-control-allow-methods: GET
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
date: Fri, 18 Oct 2024 22:35:41 GMT
content-type: application/javascript
last-modified: Wed, 28 Aug 2024 11:27:55 GMT
server: nginx/1.18.0
vary: Accept-Encoding

GET
H3 200 get-items Show response
cloud-shovelbill.com/api/ 2 KB
793 B 272ms
272ms XHR
application/json 172.67.217.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud-shovelbill.com/api/get-items?isd=1&sid6=Kaminari&sid9=1&type=back&utm_campaign=27859&utm_medium=7738&language=RU&blang=ja-JP&quality=1&boost=1&event=back&is_clear=0&count=6&offset=0&r=0.25872033821124063&theme=dzfancy-06-without-dmp2&is_video=1&resolution_width=1600&resolution_height=1200&connection_speed=4g%2C10&uid=news-8faa56e7-9bbb-4348-bfca-eb9cc7611af4
Requested by: Host: cloud-shovelbill.com
URL: https://cloud-shovelbill.com/static/dzfancy-06-without-dmp2.mobile/js/chunk-vendors.e6e89e13.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.217.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e9e45b2ac182a2eb2acfcdb034a46f867357795053c27246335d28fcc0a550a

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Accept: application/json, text/plain, */*
Referer: https://cloud-shovelbill.com/?isd=1&sid6=Kaminari&sid9=1&type=back&utm_campaign=27859&utm_medium=7738&utm_source=&uid=news-8faa56e7-9bbb-4348-bfca-eb9cc7611af4

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DSA4wOI7dOBAn1Z5rq5VI2CM3GUDEkA27kRifqkZwH0BOqZCKA%2FC%2BSzIc74ZnPcotprbgX4mh5kq57%2Fec3HMYRNSIpdBlkVDbRV2phEBRBm8Dz13Ws2PZED%2BbaGh0CZm6PJSG4UqrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
cf-ray: 8d4c00b5cb115ebb-NRT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Oct 2024 22:35:40 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Requested-With

GET
H/1.1 200
OK image.gif
fountain-yttrialite.com/ 43 B
1 KB 915ms
228ms Image
image/gif 85.192.12.172
DINET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fountain-yttrialite.com/image.gif?sid9=1&utm_campaign=27859&utm_content=&utm_source=&utm_medium=7738&subid3=&subid4=&subid5=&client_id=news-8faa56e7-9bbb-4348-bfca-eb9cc7611af4&cost=0&ip=&DEBUG=&isd=1&sid6=Kaminari&category=0&resolution_width=1600&resolution_height=1200&connection_speed=4g,10&domain=cloud-shovelbill.com
Requested by: Host: cloud-shovelbill.com
URL: https://cloud-shovelbill.com/?isd=1&sid6=Kaminari&sid9=1&type=back&utm_campaign=27859&utm_medium=7738&utm_source=&uid=news-8faa56e7-9bbb-4348-bfca-eb9cc7611af4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 85.192.12.172 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://cloud-shovelbill.com/

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Expires: Wed, 11 Nov 1998 11:11:11 GMT
Access-Control-Allow-Origin: https://cloud-shovelbill.com
Content-Length: 43
Date: Fri, 18 Oct 2024 22:35:40 GMT
Content-Type: image/gif
Last-Modified: Fri, 18 Oct 2024 22:35:40 GMT
Server: nginx/1.14.1
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Cookie, Set-Cookie

GET
H3 200 KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2
fonts.gstatic.com/s/roboto/v32/ 15 KB
15 KB 12ms
12ms Font
font/woff2 142.250.76.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;1,400;1,500;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.131 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s06-in-f3.1e100.net

Software

sffe /

Resource Hash

7cced09b0fd8718262ff270eb5abd55b60b5ba5459692321c6be96c460c1c14e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://cloud-shovelbill.com
Referer: https://fonts.googleapis.com/

Response headers

age: 73578
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 18 Oct 2025 02:09:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 18 Oct 2024 02:09:22 GMT
last-modified: Thu, 01 Aug 2024 20:41:23 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15036
x-xss-protection: 0
server: sffe

GET
H3 200 get-items Show response
cloud-shovelbill.com/api/ 2 KB
792 B 276ms
275ms XHR
application/json 172.67.217.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud-shovelbill.com/api/get-items?isd=1&sid6=Kaminari&sid9=1&type=back&utm_campaign=27859&utm_medium=7738&language=RU&blang=ja-JP&quality=1&boost=0&event=back&is_clear=0&count=6&offset=6&r=0.3221969879476494&theme=dzfancy-06-without-dmp2&is_video=1&resolution_width=1600&resolution_height=1200&connection_speed=4g%2C10&uid=news-8faa56e7-9bbb-4348-bfca-eb9cc7611af4
Requested by: Host: cloud-shovelbill.com
URL: https://cloud-shovelbill.com/static/dzfancy-06-without-dmp2.mobile/js/chunk-vendors.e6e89e13.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.217.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60f2177d7cac141694310627d16838fa859f89dd80700b482a50a3923626722a

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Accept: application/json, text/plain, */*
Referer: https://cloud-shovelbill.com/?isd=1&sid6=Kaminari&sid9=1&type=back&utm_campaign=27859&utm_medium=7738&utm_source=&uid=news-8faa56e7-9bbb-4348-bfca-eb9cc7611af4

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cLccMh%2FKoc0DFrc2WXoECe8lv%2BttjlHpF7LqcU7ho7UrIa6qKsd51E5iDotbk8RZSAq4swoYV%2FzOKGk4g1gA65n7cdNUJYw8I4a7R50DLQQNodlM52RQ%2BJLaVaFpHetTajGJVjeOjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
cf-ray: 8d4c00b7dca35ebb-NRT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Oct 2024 22:35:40 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Requested-With

GET
H3 200 get-items Show response
cloud-shovelbill.com/api/ 2 KB
797 B 304ms
304ms XHR
application/json 172.67.217.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud-shovelbill.com/api/get-items?isd=1&sid6=Kaminari&sid9=1&type=back&utm_campaign=27859&utm_medium=7738&language=RU&blang=ja-JP&quality=1&boost=0&event=back&is_clear=0&count=6&offset=12&r=0.2542838148218207&theme=dzfancy-06-without-dmp2&is_video=1&resolution_width=1600&resolution_height=1200&connection_speed=4g%2C10&uid=news-8faa56e7-9bbb-4348-bfca-eb9cc7611af4
Requested by: Host: cloud-shovelbill.com
URL: https://cloud-shovelbill.com/static/dzfancy-06-without-dmp2.mobile/js/chunk-vendors.e6e89e13.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.217.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1520d23c0487f9640f4b0776cdf8283ebf12e0bfca8298fb98fe2e4518629e5

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Accept: application/json, text/plain, */*
Referer: https://cloud-shovelbill.com/?isd=1&sid6=Kaminari&sid9=1&type=back&utm_campaign=27859&utm_medium=7738&utm_source=&uid=news-8faa56e7-9bbb-4348-bfca-eb9cc7611af4

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xqQwpFKflReXs3WLciOrUbT2cIdcpTJPS0DyCricZ%2Fdww%2B7DtKxRZUjnW5HUdmbwBbn9mRH8hU9DeldsljvF2Z4zAxqjHq7Wxq8NcxCMZNWkoJK9aCJ0%2FG5m0rjrZwz5s%2BYkCHvxbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
cf-ray: 8d4c00b9fe6a5ebb-NRT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Oct 2024 22:35:40 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Requested-With

GET
H3 200 get-items Show response
cloud-shovelbill.com/api/ 2 KB
797 B 308ms
308ms XHR
application/json 172.67.217.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud-shovelbill.com/api/get-items?isd=1&sid6=Kaminari&sid9=1&type=back&utm_campaign=27859&utm_medium=7738&language=RU&blang=ja-JP&quality=1&boost=0&event=back&is_clear=0&count=6&offset=18&r=0.5545704964165061&theme=dzfancy-06-without-dmp2&is_video=1&resolution_width=1600&resolution_height=1200&connection_speed=4g%2C10&uid=news-8faa56e7-9bbb-4348-bfca-eb9cc7611af4
Requested by: Host: cloud-shovelbill.com
URL: https://cloud-shovelbill.com/static/dzfancy-06-without-dmp2.mobile/js/chunk-vendors.e6e89e13.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.217.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f21c7826ca6550ef7aae002e1b42a9844046495e169d6e16c3491718ca967b2a

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Accept: application/json, text/plain, */*
Referer: https://cloud-shovelbill.com/?isd=1&sid6=Kaminari&sid9=1&type=back&utm_campaign=27859&utm_medium=7738&utm_source=&uid=news-8faa56e7-9bbb-4348-bfca-eb9cc7611af4

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sQf1dDboDRStgZmGCAo1NRoIl1LGI3CyZkHnOwrYEocZ4uKSFDsn%2BkAp9FwBGHiuNdJmIg3EW%2FLlzLCjk%2BF8%2BylpYchq1L9BjlecH7wnEHKZ26gyvY8OxMsoChQ9g4xGdHdMIALOWg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
cf-ray: 8d4c00bc58585ebb-NRT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Oct 2024 22:35:41 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Requested-With

GET
H3 204 favicon.ico
cloud-shovelbill.com/ 0
387 B 255ms
254ms Other
text/plain 172.67.217.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud-shovelbill.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.217.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://cloud-shovelbill.com/?isd=1&sid6=Kaminari&sid9=1&type=back&utm_campaign=27859&utm_medium=7738&utm_source=&uid=news-8faa56e7-9bbb-4348-bfca-eb9cc7611af4

Response headers

cf-ray: 8d4c00c07bb55ebb-NRT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
date: Fri, 18 Oct 2024 22:35:41 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fy%2Bl0yyunDqWeQW4bSunNq3HUOCC71tn8A46EDZdRvb%2FQMYwR6bOrie%2FQjT3t2yB9vy3psAG2%2BuRwkyzg%2BTSp5nW6tf8p%2BffuMtnNTFhwpKU8fEf5QNKBqcYYgV3rv6GNwa8P7c46A%3D%3D"}],"group":"cf-nel","max_age":604800}

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v32/ 13 KB
13 KB 13ms
12ms Font
font/woff2 142.250.76.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;1,400;1,500;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.131 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s06-in-f3.1e100.net

Software

sffe /

Resource Hash

a70c2bc728eb261ac55c2ff878249947bcd3a9d8827d94e63fbdd8fe67156986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://cloud-shovelbill.com
Referer: https://fonts.googleapis.com/

Response headers

age: 34332
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 18 Oct 2025 13:03:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 18 Oct 2024 13:03:29 GMT
last-modified: Thu, 01 Aug 2024 20:41:20 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13528
x-xss-protection: 0
server: sffe

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
yrsggseg.store/	1970-01-21 00:22:57	Name: user_visit_id Value: visitId295536399
yrsggseg.store/	1970-01-21 00:22:57	Name: user_segment_id Value: 2
.yrsggseg.store/	1970-01-21 09:57:30	Name: _ga Value: GA1.1.2136725318.1729290934
.doubleclick.net/	1970-01-21 00:21:31	Name: test_cookie Value: CheckForPermission
fountain-anthropos.com/	1970-01-21 01:06:09	Name: cd Value: eyJzIjp7Im8iOiJpT1MiLCJvdiI6IjE0IiwiZGMiOjIsImIiOiJNb2JpbGUgU2FmYXJpIiwiYnYiOiIxNCJ9LCJsIjp7InIiOiLQotC+0LrQuNC+IiwibiI6MTkwMjQsImlzcCI6ImkzRC5uZXQifX0=
fountain-anthropos.com/	1970-01-21 01:06:09	Name: cc Value: eyJ1aWlkIjoiIiwiZF9vZmZzZXQiOi0xfQ==
fountain-anthropos.com/	1970-01-21 01:06:09	Name: uid Value:
fountain-anthropos.com/	1970-01-21 01:06:09	Name: utm_medium Value: 7738
.yrsggseg.store/	1970-01-21 09:57:30	Name: _ga_PW1KF6H42V Value: GS1.1.1729290934.1.0.1729290938.56.0.0
cloud-shovelbill.com/	1970-01-21 00:22:57	Name: duid Value: news-8faa56e7-9bbb-4348-bfca-eb9cc7611af4
cloud-shovelbill.com/	1970-01-21 01:06:09	Name: templates_show_id Value: 1
fountain-yttrialite.com/	1970-01-21 01:06:09	Name: cd Value: eyJzIjp7Im8iOiJpT1MiLCJvdiI6IjE0IiwiZGMiOjIsImIiOiJNb2JpbGUgU2FmYXJpIiwiYnYiOiIxNCJ9LCJsIjp7InIiOiLQotC+0LrQuNC+IiwibiI6MTkwMjQsImlzcCI6ImkzRC5uZXQifX0=
fountain-yttrialite.com/	1970-01-21 01:06:09	Name: cc Value: eyJ1aWlkIjoibmV3cy04ZmFhNTZlNy05YmJiLTQzNDgtYmZjYS1lYjljYzc2MTFhZjQiLCJkX29mZnNldCI6LTF9
fountain-yttrialite.com/	1970-01-21 01:06:09	Name: article Value:

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://afrdtech.com/v1/script.js?kmnrKey=169217547(Line 4) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other	error	URL: https://yrsggseg.store/cid534304568/ Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
other	error	URL: https://cloud-shovelbill.com/?isd=1&sid6=Kaminari&sid9=1&type=back&utm_campaign=27859&utm_medium=7738&utm_source=&uid=news-8faa56e7-9bbb-4348-bfca-eb9cc7611af4 Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
other	error	URL: https://cloud-shovelbill.com/?isd=1&sid6=Kaminari&sid9=1&type=back&utm_campaign=27859&utm_medium=7738&utm_source=&uid=news-8faa56e7-9bbb-4348-bfca-eb9cc7611af4 Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

afrdtech.com
analytics.google.com
cdnjs.cloudflare.com
cloud-shovelbill.com
ffrtrinvzk.com
firebaseinstallations.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
fountain-anthropos.com
fountain-yttrialite.com
gsimvqfghc.com
jftxhjttxh.lat
stats.g.doubleclick.net
storage.yandexcloud.net
td.doubleclick.net
www.google.co.jp
www.googletagmanager.com
www.gstatic.com
yrsggseg.store
104.17.25.14
116.202.32.31
116.202.32.33
142.250.76.131
172.217.25.163
172.217.31.131
172.67.217.242
2.58.67.161
2404:6800:4008:c01::9b
2404:6800:400a:804::2002
2404:6800:400a:804::200a
2404:6800:400a:80a::200e
2404:6800:400a:80e::2008
2404:6800:400a:80e::200a
2a02:6b8::1d9
31.220.27.154
85.192.12.172
85.192.12.187
0a7fc3de6341e5ab2853f213dbf792903cd35039daa9530a649a20a877ccac8a
0ce78c0984fc04f5b007518b147f15ffcf74a2342730fe15c30e37b3f552dd46
116c9b0abb3aace227bdefb77301a1a6b1c15cd74a13dc96fb83ea5ab4fb11fa
1aaa85b178d2582c05a057b886abc2493e994c13e8df64ad52eee764957af337
21226ae8892fd9920a89d1c1b2a1f17a93b600e6d88d7427a878fdd964340e8d
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
34409a574b42da1c32af2783b23b27c56d8abdd97596927d5ab21ced3d714fef
3c002f78e6b0343dafdbe4f8d4e681018c9b309f1ee0b5c7b1ee7b4a50d90aee
3e89bec9349d0382c3651885691fe6b0edc3eebd7a8f10eba5d41a0b046895e0
473cb16ded780fdd29f54fa4263d89e7ed3deb24893a0edb1dd98ed1da5bfcb5
4b26a993d0e9df6b4e29646cee2c138b23f005df838f3ced20e4140b1bb3b29d
4babca93a9993a25b80b39a3854bb68164eaffc628553eb03d7fe178b4d017de
4e9e45b2ac182a2eb2acfcdb034a46f867357795053c27246335d28fcc0a550a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
60f2177d7cac141694310627d16838fa859f89dd80700b482a50a3923626722a
6638f937357548333f92616473f70dfebbe917292b8d422456b785502d0f34de
7493921e72c1e87a1794c866ac813d82f4b6146964f5b311f6d5f688a394362e
76975ba315befd03dd68246f65598f13854cda92700123dd8a0635fd3baf2b65
7c226cdfec4156a02a5cd67f8ee22b58514f91d40869e052f066f1b62ede7c1a
7cced09b0fd8718262ff270eb5abd55b60b5ba5459692321c6be96c460c1c14e
7f0e08168b5ff08a100f5b390f7b5f7bb73bfd753fca09e6a8bf623ac4a45668
82edce7e35d30e0cc2a8915d1c60743690309c42a1c80a47bae082a23042a456
86a3f1f07da34aa7a02a017e2425b970cc3a6e93e7b65e52374ad9fe7f38d4fe
8a52883bc11745d865bf859ce29d2719dde46ff978c4b0d4e5e08300e9e14cac
8ac2e013963f57e8530dce22298704ef96e265b8d469043d0dd2d1e1d89d89e2
9907d5fc9e36bd3a58a9542199de02ffae719363656c040ca10e3d5e80fb970d
a4d398c248b66c95dfbad161ca20b9df239e51c954e96550bbc3cecc8ad7ae6d
a636da6d812c1e827aa01bfa1d456e1b9f8f1a8ff9d8484aa00577b47a39e3db
a70c2bc728eb261ac55c2ff878249947bcd3a9d8827d94e63fbdd8fe67156986
a8447cdec51e85d9e93971a0d4a53bcf6085d70bf1d201662837d2fb953422c7
ae4fcb6a148fb4d05ac2a51a48fdcb022c42b224b38e3bd1bfb5548615751ec5
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
bb91f68842ffdd010c7f67aacce09625c99aa852b1a7ca80f7b6cb65f39c0416
bc5e3f537ba97c13b992672f827efac63725b8155943ed4c9d693be080619249
bf9cfe01317e3758dd38982921dc1f26cc7243237d02e7ed90d3830b6f4e8ed0
cf0ffaf3d4a4821f6a3ac85bfb0e14a3ba3a81046be00bd3e07e1f5ba0e9650b
cf36420b57a883842d242688c54a2b959369a3fb82eefd4f7458fc3fcd9ec922
d92d1e8c2aa88f3f8bae422ee5f602f6a41b5eaafc4d1998e975f3b6e12d5155
da7fa5030c69ae7ff4b4f1a18496dec4be42da9ceb036987b6cafdaf2d021671
e1520d23c0487f9640f4b0776cdf8283ebf12e0bfca8298fb98fe2e4518629e5
e1b51e197d1684914edd27084f19a1fb7e7d2d5b4f6b0457c8faded272cee870
e1c776eea8393704c5959d943c490a9613abc8585805d3ad88f0cdcaae03db2d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e966cf5b56ad9ddc50d3c5284cd8e1ba853c56841bfe052c4c4da134d70e6bb0
e9c599a95f85a87a8961288a28727e3b63bf7837a22d41d0b636367d81da26ae
ec51c774b9b96a9a3d7065b08f4ec039e33c237489b89f367be9b453664177d0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f15db2c8b4afb9bc81645b20508460542df200f290898d087f60c6b5633adc2d
f1cde4a10ecad8f1de7cc35e19e8c710266ee4308d7af9349d827e6486d1d94a
f21c7826ca6550ef7aae002e1b42a9844046495e169d6e16c3491718ca967b2a
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f830ae4195fb390942a510e6f8a721b1788b58ea3b69c3d31d3c7b1e28f44027
f8b2fffaa84d5af755ed88807338b0d0a33919d5935a82810a822a72a53b6958
fd6c5a60eda4b4e57727fab5af143e95ceda05affc9236054c0d34bfa1aeca7d

cloud-shovelbill.com Open in urlscan Pro 172.67.217.242 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

67 Requests

100 %HTTPS

39 %IPv6

16 Domains

19 Subdomains

18 IPs

7 Countries

7312 kBTransfer

8196 kBSize

14 Cookies

0 Outgoing links

Page URL History

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

cloud-shovelbill.com Open in urlscan Pro
172.67.217.242 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

100 %
HTTPS

39 %
IPv6

16
Domains

19
Subdomains

18
IPs

7
Countries

7312 kB
Transfer

8196 kB
Size

14
Cookies

67 HTTP transactions
4 data transactions