urlscan.io logo urlscan.io
SecurityTrails logo

tesl3r.giveo4jlf.click Open in urlscan Pro
172.67.168.229  Public Scan

Go To Rescan Add Verdict Report
URL: https://tesl3r.giveo4jlf.click/
Submission: On November 17 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 1 countries across 5 domains to perform 28 HTTP transactions. The main IP is 172.67.168.229, located in United States and belongs to CLOUDFLARENET, US. The main domain is tesl3r.giveo4jlf.click.
TLS certificate: Issued by WE1 on November 2nd 2024. Valid for: 3 months.
This is the only time tesl3r.giveo4jlf.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 19 172.67.168.229 13335 (CLOUDFLAR...)
3 157.240.241.1 32934 (FACEBOOK)
4 157.240.241.35 32934 (FACEBOOK)
1 2607:f8b0:400... 15169 (GOOGLE)
2 142.251.41.3 15169 (GOOGLE)
28 6
19    172.67.168.229 (United States)

ASN13335 (CLOUDFLARENET, US)
tesl3r.giveo4jlf.click
3    157.240.241.1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-lga3.fbcdn.net
connect.facebook.net
4    157.240.241.35 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-lga3.facebook.com
www.facebook.com
1    2607:f8b0:4006:81e::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    142.251.41.3 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f3.1e100.net
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
19 giveo4jlf.click
tesl3r.giveo4jlf.click
398 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
418 B
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
78 KB
2 gstatic.com
fonts.gstatic.com
120 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
28 5
Domain Requested by
19 tesl3r.giveo4jlf.click 1 redirects tesl3r.giveo4jlf.click
4 www.facebook.com tesl3r.giveo4jlf.click
3 connect.facebook.net tesl3r.giveo4jlf.click
connect.facebook.net
2 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com tesl3r.giveo4jlf.click
28 5

This site contains no links.

Subject Issuer Validity Valid
giveo4jlf.click
WE1		 2024-11-02 -
2025-01-31		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-08-26 -
2024-11-24		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://tesl3r.giveo4jlf.click/
Frame ID: FAC9A3085CEF1280AC56AE89B3B56CD3
Requests: 33 HTTP requests in this frame

Frame: https://tesl3r.giveo4jlf.click/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
Frame ID: A3A3DAB0BA709EA9A43B635EC24B7688
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Tesler

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

28
Requests

96 %
HTTPS

20 %
IPv6

5
Domains

5
Subdomains

6
IPs

1
Countries

596 kB
Transfer

6037 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://tesl3r.giveo4jlf.click/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://tesl3r.giveo4jlf.click/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
tesl3r.giveo4jlf.click/ 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tesl3r.giveo4jlf.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.168.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7750f073916a9724d0bf1a60cfc5da2bdd010fd7bec7ef77849ddec530a34f63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
MISS
cf-ray
8e3b8326cfc3adc5-ATL
content-encoding
zstd
content-type
text/html; charset=utf-8
date
Sun, 17 Nov 2024 00:12:59 GMT
last-modified
Wed, 20 Mar 2024 10:37:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zf4shex%2F11watWDQXo1X0wKEx6SZxsnbpnDQ%2BdE8deIZsBKQVXvuJ%2Byep4ojUNY9c9iDBIzhwtSAA1%2FBtMHP%2FGaEjUQVN0R2TgYZ%2FFd1FUkN%2Fd7bBAE0SGbcJfwGSRJPLsgXVelCjYq5"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=47434&sent=14&recv=11&lost=2&retrans=3&sent_bytes=4704&recv_bytes=4536&delivery_rate=9480&cwnd=8400&unsent_bytes=0&cid=a6a7cbcc923ada0d&ts=742&x=1" cfExtPri cfHdrFlush;dur=0
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin Accept-Encoding
x-amz-version-id
eb3db988-aea1-445c-a797-02f11611440e
x-content-type-options
nosniff
x-form-version-id
0b6bb1e6-805a-4a7e-841d-febbb14d10af
x-xss-protection
1; mode=block
custom.css
tesl3r.giveo4jlf.click/css/ 		6 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tesl3r.giveo4jlf.click/css/custom.css
Requested by
Host: tesl3r.giveo4jlf.click
URL: https://tesl3r.giveo4jlf.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.168.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1285d7fe9f93005132d6f14c46e78d20a4e7f5c51ad45a23992a5eb3ab2726d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tesl3r.giveo4jlf.click/

Response headers

content-encoding
zstd
cf-cache-status
MISS
etag
W/"237a84e9236697bd96beb89a757c3488"
x-amz-version-id
c33606fa-eda0-41a1-83d6-77101bd18976
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=byNbjiLL7TFrD606z44so4SRLmDZ2t7NC6rSLz3gyQm1SS8BLqQXn7EgwJNCLecl9D23rkzYKz4Ik%2BHXrCikg0SJ%2BKZgJstx1WkUSDfobNZvJaMVOefJ0HbBTROG7jouj306oFLt%2BC9R"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-form-version-id
0b6bb1e6-805a-4a7e-841d-febbb14d10af
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=47375&sent=18&recv=16&lost=2&retrans=3&sent_bytes=8324&recv_bytes=5612&delivery_rate=8448&cwnd=8400&unsent_bytes=0&cid=a6a7cbcc923ada0d&ts=1474&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 00:13:00 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 20 Mar 2024 10:37:38 GMT
vary
Origin, Accept-Encoding
priority
u=0,i=?0
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e3b832abd87adc5-ATL
x-xss-protection
1; mode=block
server
cloudflare
style.css
tesl3r.giveo4jlf.click/css/ 		65 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tesl3r.giveo4jlf.click/css/style.css
Requested by
Host: tesl3r.giveo4jlf.click
URL: https://tesl3r.giveo4jlf.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.168.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af38c6ebfad2a8a0a99bb79daaea14f14486c8cd50941067c97632ee677fb128
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tesl3r.giveo4jlf.click/

Response headers

content-encoding
zstd
cf-cache-status
MISS
etag
W/"62126d5cb3bd216bc08554b56db84cfb"
x-amz-version-id
802fc850-0d0d-4b7a-a074-c45db962d6c0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bga%2FRCefFkT1HWlxOoNBqT7RSOzfXvUkbNSLPdPez4A2JIn6S5CPJHF9YOptSm4f0qKSB7HGpbf4UBskYVP%2BKrVnPnURIyhvo8BPLEmWuXmvNokpZk44AGW3TfwNKp1XZWny%2BsouNG%2BZ"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-form-version-id
0b6bb1e6-805a-4a7e-841d-febbb14d10af
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=47670&sent=21&recv=18&lost=2&retrans=3&sent_bytes=11127&recv_bytes=5699&delivery_rate=3970&cwnd=8400&unsent_bytes=0&cid=a6a7cbcc923ada0d&ts=1580&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 00:13:00 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 20 Mar 2024 10:37:38 GMT
vary
Origin, Accept-Encoding
priority
u=0,i=?0
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e3b832abd88adc5-ATL
x-xss-protection
1; mode=block
server
cloudflare
Logo.png
tesl3r.giveo4jlf.click/images/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tesl3r.giveo4jlf.click/images/Logo.png
Requested by
Host: tesl3r.giveo4jlf.click
URL: https://tesl3r.giveo4jlf.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.168.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eeefaf117ed5865f04640be52c53ac8b4e8e4159171b1132023ad25d2d041286
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tesl3r.giveo4jlf.click/

Response headers

cf-cache-status
MISS
etag
"a87491ef6cfa01a170dc74bbdded8ec4"
x-amz-version-id
3d083f1c-a3ab-4afb-a3ce-2e280c69af04
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uTsARGRHmKOvGConzUUYmA4c%2FJGPdHUQzrZfB3SXQszYQWG8crrznZX4YZm5qB9aYd3OFaqfJSSZ4AVBEb0ZJ96M8UxamuI%2BbMqbonoqLemeTnJeTlE8VLq3Mp9eUJiLxJWDJoyRGt57"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-form-version-id
0b6bb1e6-805a-4a7e-841d-febbb14d10af
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=56988&sent=37&recv=27&lost=2&retrans=3&sent_bytes=26198&recv_bytes=6654&delivery_rate=171465&cwnd=9600&unsent_bytes=0&cid=a6a7cbcc923ada0d&ts=1693&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 00:13:00 GMT
content-type
image/png
last-modified
Wed, 20 Mar 2024 10:37:38 GMT
vary
Origin, Accept-Encoding
priority
u=2,i
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e3b832abd89adc5-ATL
accept-ranges
bytes
content-length
27351
x-xss-protection
1; mode=block
server
cloudflare
clock_tablet.png
tesl3r.giveo4jlf.click/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tesl3r.giveo4jlf.click/images/clock_tablet.png
Requested by
Host: tesl3r.giveo4jlf.click
URL: https://tesl3r.giveo4jlf.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.168.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f10eb8cc0cf0ff162da018e8590df5294d4e85db52425f1e51bfaf5da4016928
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tesl3r.giveo4jlf.click/

Response headers

cf-cache-status
MISS
etag
"62bf9599d7f7ad65396ae97818fe9671"
x-amz-version-id
b504dd64-83bc-4ba8-9dfd-80e1dcec299e
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6Kw0aZdZkQHD7F5%2BCQIlIkDya%2FQT6UYQJyAnLubxbfYHDMoanxP1N8R7VUQZYgGQF6EqQvla%2BJDYvc5nPW83WATjGOxwMDKPUUZBEQgNHbKsbPmFfnNOTXtHLT5jHWJSHXwzkzNINpP%2B"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-form-version-id
0b6bb1e6-805a-4a7e-841d-febbb14d10af
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=64138&sent=75&recv=52&lost=2&retrans=3&sent_bytes=62675&recv_bytes=10425&delivery_rate=47808&cwnd=10800&unsent_bytes=0&cid=a6a7cbcc923ada0d&ts=2197&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 00:13:01 GMT
content-type
image/png
last-modified
Wed, 20 Mar 2024 10:37:39 GMT
vary
Origin, Accept-Encoding
priority
u=3,i
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e3b83301e55adc5-ATL
accept-ranges
bytes
content-length
9615
x-xss-protection
1; mode=block
server
cloudflare
castle_tablet.png
tesl3r.giveo4jlf.click/images/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tesl3r.giveo4jlf.click/images/castle_tablet.png
Requested by
Host: tesl3r.giveo4jlf.click
URL: https://tesl3r.giveo4jlf.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.168.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab0b12972401ac5a0cb20b1095f55f67cfbe6b9b905d6c4d38fbb5fd7b33b93b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tesl3r.giveo4jlf.click/

Response headers

cf-cache-status
MISS
etag
"6f885726e4cedb514ae74c4555e566ac"
x-amz-version-id
e9009a46-bef4-4220-8b0e-0741159d95f6
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cwCsRRTwv9d8Uhd0VS%2BJ9N0VKm1qWXhANPKSQ6bzN3E85jH4eh1xMlXR7zYAB%2BjkU4twczEt2KflwWGVOEo8ZyBWpLykOZnBX%2B%2Floupjil6K4guLtb2bD%2FwmtrtYOvE67cLTyb0RlK6N"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-form-version-id
0b6bb1e6-805a-4a7e-841d-febbb14d10af
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=70377&sent=108&recv=78&lost=2&retrans=3&sent_bytes=95690&recv_bytes=28090&delivery_rate=125758&cwnd=10800&unsent_bytes=0&cid=a6a7cbcc923ada0d&ts=2519&x=1", cfExtPri, cfHdrFlush;dur=31
date
Sun, 17 Nov 2024 00:13:01 GMT
content-type
image/png
last-modified
Wed, 20 Mar 2024 10:37:38 GMT
vary
Origin, Accept-Encoding
priority
u=3,i
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e3b8331e9f6adc5-ATL
accept-ranges
bytes
content-length
8035
x-xss-protection
1; mode=block
server
cloudflare
confident_tablet.png
tesl3r.giveo4jlf.click/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tesl3r.giveo4jlf.click/images/confident_tablet.png
Requested by
Host: tesl3r.giveo4jlf.click
URL: https://tesl3r.giveo4jlf.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.168.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54649217b71b281de0bdaccd131906fc75e11abacdc0e64a55e5d1c1974e3b4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tesl3r.giveo4jlf.click/

Response headers

cf-cache-status
MISS
etag
"fae4f01435ebc8dc6f60ec573cc5ee33"
x-amz-version-id
313b4596-ea4d-4a1e-bf74-bcfc8ba50e33
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5mCH3w5KHGyuygIYhSIkUpwvMJDbkzHEMWYVKifq5SJHTIOwFtYp6cSmMHbUN9Qh2Zu3kUnjhfAo892QO1AWZ9Aak96zSBDYL9eGVVp5eN6wJp%2Bxhwjo6X1vrSwpBJsMgbesEp%2FmG23D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-form-version-id
0b6bb1e6-805a-4a7e-841d-febbb14d10af
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=60200&sent=180&recv=96&lost=2&retrans=3&sent_bytes=178490&recv_bytes=28898&delivery_rate=264437&cwnd=16800&unsent_bytes=0&cid=a6a7cbcc923ada0d&ts=2864&x=1", cfExtPri, cfHdrFlush;dur=1
date
Sun, 17 Nov 2024 00:13:02 GMT
content-type
image/png
last-modified
Wed, 20 Mar 2024 10:37:38 GMT
vary
Origin, Accept-Encoding
priority
u=3,i
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e3b8331e9f7adc5-ATL
accept-ranges
bytes
content-length
8942
x-xss-protection
1; mode=block
server
cloudflare
pixel.js
tesl3r.giveo4jlf.click/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tesl3r.giveo4jlf.click/pixel.js
Requested by
Host: tesl3r.giveo4jlf.click
URL: https://tesl3r.giveo4jlf.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.168.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b07c21579d587c4b00ea06eee2735cdd27f042f9b6b5e34b292ba29d47bc01d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tesl3r.giveo4jlf.click/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OL1SPBNT5fP9Rz%2FuYUVfDcgC76QFeRFKBkPuK9CYhO9MAiWYcNg7AdPiNUFx6O6s%2B%2BVlbKW5%2BWtQv%2FDkwxfduOQ1sEY5ENo5ipP36XoOLLaDYq%2BJ1ow%2BOQFjcCIY3hhxHyEVr88RJwYy"}],"group":"cf-nel","max_age":604800}
cf-ray
8e3b83301e57adc5-ATL
x-form-version-id
0b6bb1e6-805a-4a7e-841d-febbb14d10af
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=62189&sent=61&recv=39&lost=2&retrans=3&sent_bytes=54955&recv_bytes=7170&delivery_rate=97640&cwnd=10800&unsent_bytes=0&cid=a6a7cbcc923ada0d&ts=1911&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 00:13:01 GMT
content-type
text/plain; charset=utf-8
server
cloudflare
priority
u=0,i
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tesl3r.giveo4jlf.click
URL: https://tesl3r.giveo4jlf.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-lga3.fbcdn.net
Software
/
Resource Hash
43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-QYcylhwJ' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tesl3r.giveo4jlf.click/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 17 Nov 2024 00:13:01 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-QYcylhwJ' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=64, rtx=0, c=23, mss=1232, tbw=4425, tp=9, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
lcX6exxJPRuk3JLe3qzjOFMkAQldDmEGRUAfPBeRdrG2foFPqcR/dYaX1u3Qw27Rvgy8d2tPN/7MVYA1uTi6IA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62152
x-xss-protection
0
origin-agent-cluster
?1
geo.js
tesl3r.giveo4jlf.click/ 		432 B
986 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tesl3r.giveo4jlf.click/geo.js
Requested by
Host: tesl3r.giveo4jlf.click
URL: https://tesl3r.giveo4jlf.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.168.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34efa3a75f8fd70ddce353d2b6288f3a5898755da14c6742e97c9f2a62ba82ea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tesl3r.giveo4jlf.click/

Response headers

city_name
Miami
content-encoding
zstd
cf-cache-status
DYNAMIC
region_name
Florida
country_name
United States
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aC4NcLSb2KwdbrEozQbu71%2Bu0lwfniHcN8wgF4GiCIUZmaAgAkXWW%2B31pa8EN2GZ12r6FENksVI6abIrojYP9%2BxsP6qBEOwef4WwCyOBAA6fvOt1%2FGW9T5bYmpDe%2B69P2AkQNIgZP71N"}],"group":"cf-nel","max_age":604800}
x-form-version-id
0b6bb1e6-805a-4a7e-841d-febbb14d10af
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=60271&sent=69&recv=48&lost=2&retrans=3&sent_bytes=56942&recv_bytes=9999&delivery_rate=20421&cwnd=10800&unsent_bytes=0&cid=a6a7cbcc923ada0d&ts=2086&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 00:13:01 GMT
content-type
application/javascript
priority
u=3,i=?0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e3b8331e9fdadc5-ATL
region_iso
FL
country_code
US
server
cloudflare
reg-form-plus.min.js
tesl3r.giveo4jlf.click/regform-v2/ 		493 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tesl3r.giveo4jlf.click/regform-v2/reg-form-plus.min.js
Requested by
Host: tesl3r.giveo4jlf.click
URL: https://tesl3r.giveo4jlf.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.168.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
541a8b21dca9ae75412bdd437491f254b732493073a42a4762e803bcc3d9133a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tesl3r.giveo4jlf.click/

Response headers

content-encoding
zstd
cf-cache-status
MISS
etag
W/"66fbdac1-7b4ae"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CpJnF9GVOgisp12e8Lxi%2FO2G6ONWyTD7OfWL%2FhyR3BE2jpgDxtxpgYKOuFim4vgSQD4fJdbKu3QbYI5jOxkpqdauSFCBP9wn%2BWoj6r4On1ya4Ocq5oa7gg8UoKjYvmZsDCJUMlbby8l6"}],"group":"cf-nel","max_age":604800}
x-form-version-id
0b6bb1e6-805a-4a7e-841d-febbb14d10af
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=57456&sent=89&recv=73&lost=2&retrans=3&sent_bytes=74569&recv_bytes=27869&delivery_rate=12607&cwnd=10800&unsent_bytes=0&cid=a6a7cbcc923ada0d&ts=2414&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 00:13:01 GMT
content-type
application/javascript
last-modified
Tue, 01 Oct 2024 11:19:29 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e3b8331ea00adc5-ATL
server
cloudflare
reg-form-custom.js
tesl3r.giveo4jlf.click/__reg-form-custom/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tesl3r.giveo4jlf.click/__reg-form-custom/reg-form-custom.js
Requested by
Host: tesl3r.giveo4jlf.click
URL: https://tesl3r.giveo4jlf.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.168.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a47adf837d4a9dfc03e5da448e7e99b69b1d50c4e6a78e37582656e5eeee26c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tesl3r.giveo4jlf.click/

Response headers

content-encoding
zstd
cf-cache-status
MISS
etag
W/"c5a6a0e953ee883dbe7f32e36449a20f"
x-amz-version-id
0dfe1f4a-2f86-4c6b-b5b5-d7f95c09e213
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fRd8TPME4iEeSwPVVtjkhuw08d0Lh8R3R2d1D96%2F%2FGFqTX6uQqVY8IS14USw7y08ILbKQwO58nPG2JvFRwKY6jQSd4wMJ214Ah0%2FulY0DRwJPGWF9dgecAFiuZRxGBuu2WMHQfYojPDV"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-form-version-id
0b6bb1e6-805a-4a7e-841d-febbb14d10af
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=65016&sent=153&recv=90&lost=2&retrans=3&sent_bytes=146090&recv_bytes=28623&delivery_rate=205860&cwnd=14400&unsent_bytes=0&cid=a6a7cbcc923ada0d&ts=2739&x=1", cfExtPri, cfHdrFlush;dur=28
date
Sun, 17 Nov 2024 00:13:01 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 27 Mar 2024 09:30:28 GMT
vary
Origin, Accept-Encoding
priority
u=3,i=?0
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e3b8331ea03adc5-ATL
x-xss-protection
1; mode=block
server
cloudflare
reg-form-custom.css
tesl3r.giveo4jlf.click/__reg-form-custom/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tesl3r.giveo4jlf.click/__reg-form-custom/reg-form-custom.css
Requested by
Host: tesl3r.giveo4jlf.click
URL: https://tesl3r.giveo4jlf.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.168.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd9d762f29bb0030ff08298e8a9aea71bca1a49bf66e40789da21d58dce84c65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tesl3r.giveo4jlf.click/

Response headers

content-encoding
zstd
cf-cache-status
MISS
etag
W/"f50029e0a0bb687ae8427bcd7da40ba2"
x-amz-version-id
586c8641-c346-4a3b-b3e1-d5686368024a
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tKO7YcEqr8jLdWpnurzFd1O%2FsqM3tgL5b5nk6yKQLMaZofEpNJA462YL0%2BgXPyDQfHqEm9n4I3mIrQBst6IWnefp60kCCYGkKZfNxFY%2F0gcS%2B%2Bp0PPW%2FuvGm%2B1AtPUkZxjOspS2JTVSS"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-form-version-id
0b6bb1e6-805a-4a7e-841d-febbb14d10af
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=72994&sent=109&recv=79&lost=2&retrans=3&sent_bytes=96169&recv_bytes=28135&delivery_rate=131595&cwnd=10800&unsent_bytes=0&cid=a6a7cbcc923ada0d&ts=2531&x=1", cfExtPri, cfHdrFlush;dur=19
date
Sun, 17 Nov 2024 00:13:01 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 27 Mar 2024 09:30:28 GMT
vary
Origin, Accept-Encoding
priority
u=0,i=?0
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e3b8331ea05adc5-ATL
x-xss-protection
1; mode=block
server
cloudflare
header1.jpg
tesl3r.giveo4jlf.click/images/ 		162 KB
163 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tesl3r.giveo4jlf.click/images/header1.jpg
Requested by
Host: tesl3r.giveo4jlf.click
URL: https://tesl3r.giveo4jlf.click/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.168.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af7fbc08ea12c52c856729cb5caea0b8cc2dab37a8ac4eacff50b5f5accaf2df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tesl3r.giveo4jlf.click/css/style.css

Response headers

cf-cache-status
MISS
etag
"7ba0d3652c4164b39096631ad36e154e"
x-amz-version-id
48e57087-fd78-4c61-9fcf-bf562ec98a27
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zPHkWB1TygoVT4l3wuubMtXfkCmRhoAIgZxhc41EmcXB3EXUmiSJc08FMQuSf6egTk395ZU4Pm5V3fngvxnWDFrIF9D%2FDiOiy6VQ37p5XK6pgdnH86gqfWY3ps4RDW%2BZrZuBA8NTNtXL"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-form-version-id
0b6bb1e6-805a-4a7e-841d-febbb14d10af
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=58636&sent=275&recv=111&lost=2&retrans=3&sent_bytes=288890&recv_bytes=29571&delivery_rate=441309&cwnd=22800&unsent_bytes=0&cid=a6a7cbcc923ada0d&ts=3106&x=1", cfExtPri, cfHdrFlush;dur=33
date
Sun, 17 Nov 2024 00:13:02 GMT
content-type
image/jpeg
last-modified
Wed, 20 Mar 2024 10:37:38 GMT
vary
Origin, Accept-Encoding
priority
u=3,i
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e3b83320a43adc5-ATL
accept-ranges
bytes
content-length
166246
x-xss-protection
1; mode=block
server
cloudflare
truncated
/ 		380 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
621.mp4
tesl3r.giveo4jlf.click/video/ 		4 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://tesl3r.giveo4jlf.click/video/621.mp4
Requested by
Host: tesl3r.giveo4jlf.click
URL: https://tesl3r.giveo4jlf.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.168.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tesl3r.giveo4jlf.click/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

cf-cache-status
MISS
etag
"2b98703278c7e778a0f3c9429506821d"
x-amz-version-id
2565e29b-ad30-4c0f-a232-0192436d225c
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kj6fqTPowPD0XRtsiMBAJouApiOwQfw0HfwTJ%2FQmVSKu9r1ngjDVhLN9JwciXCMjy6%2Flvl%2Bd08kj2Uqygsu8G6W4kXWRejGQNuWej0MRYvH2wq7hk32c2yv9zM6yd8XSQ1VJ60uGnzEm"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-form-version-id
0b6bb1e6-805a-4a7e-841d-febbb14d10af
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=57456&sent=90&recv=73&lost=2&retrans=3&sent_bytes=75290&recv_bytes=27869&delivery_rate=12607&cwnd=10800&unsent_bytes=0&cid=a6a7cbcc923ada0d&ts=2450&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 00:13:01 GMT
content-type
application/octet-stream; charset=utf-8
last-modified
Sun, 19 Feb 2023 16:58:10 GMT
vary
Origin, Accept-Encoding
priority
u=3,i
x-amz-id-2
941221daf4c1ffe9564706e8cc4a4e486ea8d70d53b890660df8856294586de4
x-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Range
bytes 0-446248478/446248479
x-amz-request-id
18088DA905357399
cf-ray
8e3b83323a94adc5-ATL
Content-Length
446248479
x-xss-protection
1; mode=block
server
cloudflare
truncated
/ 		547 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		552 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		177 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		515 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		242 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
main.js
tesl3r.giveo4jlf.click/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/ Frame A3A3
Redirect Chain
  • https://tesl3r.giveo4jlf.click/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://tesl3r.giveo4jlf.click/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tesl3r.giveo4jlf.click/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
Requested by
Host: tesl3r.giveo4jlf.click
URL: https://tesl3r.giveo4jlf.click/
Protocol
H3
Server
172.67.168.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce7ac71875b35c4508358c34b4595be50c0c2c94bb418fb46edc8c207f6a9170
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x9boEghNGK27%2FmQaN3%2F76yDQJ8%2BluRXtCBfLPpX3aAbI5g3K7yqC2YifwMqEs1qkVDSWMgIoC02G0gt2hpMFjmoH1NfwnU%2B21%2FGPZ7EcK0zF1r2gcvgvJe2xXHrkrH0Vg9ISG3iei3rQ"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8e3b8332bb78adc5-ATL
x-form-version-id
0b6bb1e6-805a-4a7e-841d-febbb14d10af
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=61119&sent=71&recv=49&lost=2&retrans=3&sent_bytes=57975&recv_bytes=10292&delivery_rate=5791&cwnd=10800&unsent_bytes=0&cid=a6a7cbcc923ada0d&ts=2105&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 00:13:01 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HonlLoIW2xCUPln9baHAbqpkxtIOkveXPmfSomGbErSEdrUrUdE2tNZvMWWsHK4E3k8GXzKwq97yw3aejWnLJsWvnWMkxVF44IgSD7j6gSYvWzNRwGHxJ98NQxVan%2BQFEUbF%2BF7uXgNC"}],"group":"cf-nel","max_age":604800}
cf-ray
8e3b83324aaaadc5-ATL
access-control-allow-origin
*
x-form-version-id
0b6bb1e6-805a-4a7e-841d-febbb14d10af
content-length
0
alt-svc
h3=":443"; ma=86400
date
Sun, 17 Nov 2024 00:13:01 GMT
server-timing
cfL4;desc="?proto=QUIC&rtt=60271&sent=68&recv=48&lost=2&retrans=3&sent_bytes=56193&recv_bytes=9999&delivery_rate=20421&cwnd=10800&unsent_bytes=0&cid=a6a7cbcc923ada0d&ts=2047&x=1", cfExtPri, cfHdrFlush;dur=0
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
8e3b8326cfc3adc5
tesl3r.giveo4jlf.click/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame A3A3 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tesl3r.giveo4jlf.click/cdn-cgi/challenge-platform/h/b/jsd/r/8e3b8326cfc3adc5
Requested by
Host: tesl3r.giveo4jlf.click
URL: https://tesl3r.giveo4jlf.click/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.168.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=olM8YwauxmPHjq9O4uAj7oSTTWD9hBL%2FNfGD5BeEEphOSYQHNum7NHG6G3fKQiAhNkfA1iqTVzd4B1higWootthb3LoZDzO3nJNifIZ%2FfBYl6fJYFam1JW8gLYTiTIs7t6bEmnk5mx3p"}],"group":"cf-nel","max_age":604800}
cf-ray
8e3b8333fd83adc5-ATL
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=55966&sent=88&recv=72&lost=2&retrans=3&sent_bytes=73398&recv_bytes=27824&delivery_rate=226669&cwnd=10800&unsent_bytes=0&cid=a6a7cbcc923ada0d&ts=2323&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
0
date
Sun, 17 Nov 2024 00:13:01 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
priority
u=1,i
987126866497458
connect.facebook.net/signals/config/ 		69 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/987126866497458?v=2.9.177&r=stable&domain=tesl3r.giveo4jlf.click&hme=c3e4904c1dde42d643265ef909b9e193c41cedcd6f559a3ff5e1b178e36647fa&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-lga3.fbcdn.net
Software
/
Resource Hash
7019a5bf4b0ef89d44f80a9b285872a599f6d3f41a4ee650e76ad7cc72adde53
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-cDH6pAGI' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tesl3r.giveo4jlf.click/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 17 Nov 2024 00:13:01 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-cDH6pAGI' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=60, rtx=0, c=76, mss=1232, tbw=70281, tp=65, tpl=0, uplat=131, ullat=0
pragma
public
x-fb-debug
SC2uUqa2H0RpfTiN4263ltb/mQcMbAbGat/iN3pqkfKOLwzXvqLLODaK9yhEX8+jPmwRGzUXEC5RHNO+I67svQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
938988611137999
connect.facebook.net/signals/config/ 		25 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/938988611137999?v=2.9.177&r=stable&domain=tesl3r.giveo4jlf.click&hme=c3e4904c1dde42d643265ef909b9e193c41cedcd6f559a3ff5e1b178e36647fa&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C234%2C116%2C127%2C235%2C165%2C119%2C237%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-lga3.fbcdn.net
Software
/
Resource Hash
653e1b336a0f2e9bc0199f72005ee74cd842458e5111cfcc186eaf20b3e660e4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-1wYtjzPB' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tesl3r.giveo4jlf.click/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 17 Nov 2024 00:13:01 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-1wYtjzPB' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=60, rtx=0, c=89, mss=1232, tbw=85369, tp=80, tpl=0, uplat=206, ullat=0
pragma
public
x-fb-debug
8XSbSxA5IPwrYJ3XOKgcQNW2o9apluqfrgutH8BKfoDPWe6Y4v6m8DN8Nsd85depmoJ9wrM1lwORxq/BVBReoA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=987126866497458&ev=PageView&dl=https%3A%2F%2Ftesl3r.giveo4jlf.click%2F&rl=&if=false&ts=1731802381664&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=4126&fbp=fb.1.1731802381658.8902355823971498&ler=empty&cdl=API_unavailable&it=1731802381441&coo=false&rqm=GET
Requested by
Host: tesl3r.giveo4jlf.click
URL: https://tesl3r.giveo4jlf.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.241.35 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-lga3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tesl3r.giveo4jlf.click/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=59, rtx=0, c=23, mss=1232, tbw=4478, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sun, 17 Nov 2024 00:13:01 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=987126866497458&ev=PageView&dl=https%3A%2F%2Ftesl3r.giveo4jlf.click%2F&rl=&if=false&ts=1731802381664&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=4126&fbp=fb.1.1731802381658.8902355823971498&ler=empty&cdl=API_unavailable&it=1731802381441&coo=false&rqm=FGET
Requested by
Host: tesl3r.giveo4jlf.click
URL: https://tesl3r.giveo4jlf.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.241.35 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-lga3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tesl3r.giveo4jlf.click/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7438034589802669467"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 17 Nov 2024 00:13:01 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
W/3NYKJL3gFO4h0s8e8Ft/XtqZTJstsoQLLu2LXrtlcNb250jfh6Wbq+6PTolCrzh3vxL5xh5MMPhe2JcVXErg==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7438034589802669467", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=59, rtx=0, c=23, mss=1232, tbw=4846, tp=13, tpl=0, uplat=122, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
css2
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;500;700&display=swap
Requested by
Host: tesl3r.giveo4jlf.click
URL: https://tesl3r.giveo4jlf.click/__reg-form-custom/reg-form-custom.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3c16906c4ccf4fd25089643418eef09c372ca75dc2b06a7ef51f9fba6e644eff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tesl3r.giveo4jlf.click/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 17 Nov 2024 00:13:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 00:13:01 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sat, 16 Nov 2024 22:35:24 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=938988611137999&ev=PageView&dl=https%3A%2F%2Ftesl3r.giveo4jlf.click%2F&rl=&if=false&ts=1731802381943&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=4126&fbp=fb.1.1731802381658.8902355823971498&ler=empty&cdl=API_unavailable&it=1731802381441&coo=false&rqm=GET
Requested by
Host: tesl3r.giveo4jlf.click
URL: https://tesl3r.giveo4jlf.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.241.35 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-lga3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tesl3r.giveo4jlf.click/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=59, rtx=0, c=26, mss=1232, tbw=8126, tp=18, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sun, 17 Nov 2024 00:13:01 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=938988611137999&ev=PageView&dl=https%3A%2F%2Ftesl3r.giveo4jlf.click%2F&rl=&if=false&ts=1731802381943&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=4126&fbp=fb.1.1731802381658.8902355823971498&ler=empty&cdl=API_unavailable&it=1731802381441&coo=false&rqm=FGET
Requested by
Host: tesl3r.giveo4jlf.click
URL: https://tesl3r.giveo4jlf.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.241.35 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-lga3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tesl3r.giveo4jlf.click/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7438034593946012483"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 17 Nov 2024 00:13:02 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
uAnXQvi455QwCWiVH2hnTvXl5N+qZ5TXoaIbWSpaLliexCIwaoeRrbfckd34OcF0eubi4ggtPp5CAgWKcR9Y+Q==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7438034593946012483", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=59, rtx=0, c=26, mss=1232, tbw=8334, tp=21, tpl=0, uplat=81, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.3 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f3.1e100.net
Software
sffe /
Resource Hash
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://tesl3r.giveo4jlf.click
Referer
https://fonts.googleapis.com/

Response headers

age
241678
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 14 Nov 2025 05:05:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 05:05:04 GMT
last-modified
Mon, 29 Jul 2024 22:51:01 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48444
x-xss-protection
0
server
sffe
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa25L7SUc.woff2
fonts.gstatic.com/s/inter/v18/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa25L7SUc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.3 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f3.1e100.net
Software
sffe /
Resource Hash
48f540fb71166bf65a0fe187a71fad500c43143d3e2e42038f527e38c786e90f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://tesl3r.giveo4jlf.click
Referer
https://fonts.googleapis.com/

Response headers

age
116100
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 15 Nov 2025 15:58:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 15 Nov 2024 15:58:02 GMT
last-modified
Mon, 29 Jul 2024 22:47:10 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
74328
x-xss-protection
0
server
sffe
truncated
/ 		195 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c7260fac65e4f7ac5cf524f8ca96efd419cbb5a9b18a3e06e44c448581e9093

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
favicon.png
tesl3r.giveo4jlf.click/images/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://tesl3r.giveo4jlf.click/images/favicon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.168.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5f23520aa7639c840c4227ee16d8536f4c20226afab53bf775e5636603958af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tesl3r.giveo4jlf.click/

Response headers

cf-cache-status
MISS
etag
"18cbdd83b7c38f545a432e76e8585bad"
x-amz-version-id
cf2673d5-020c-49cb-b91c-a0f6e96ec857
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hvlkZNBZ7ynbIfqDY9O5kwI4SUB5NVXlPVo%2BeQoIeZut0CDFqqWahETRHXeq3ebmrxJtr8GZ%2FdxR2UjdsIDzDtcLBCyftykuVQoM7xHcRa93napDy7r3sU%2FqNFREgE9CDdfLvrgtIYCg"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-form-version-id
0b6bb1e6-805a-4a7e-841d-febbb14d10af
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=48884&sent=3375&recv=470&lost=4&retrans=5&sent_bytes=3902834&recv_bytes=46636&delivery_rate=1466268&cwnd=76800&unsent_bytes=0&cid=a6a7cbcc923ada0d&ts=6335&x=1", cfExtPri, cfHdrFlush;dur=8
date
Sun, 17 Nov 2024 00:13:05 GMT
content-type
image/png
last-modified
Wed, 20 Mar 2024 10:37:38 GMT
vary
Origin, Accept-Encoding
priority
u=1,i
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e3b83438fdbadc5-ATL
accept-ranges
bytes
content-length
1606
x-xss-protection
1; mode=block
server
cloudflare
621.mp4
tesl3r.giveo4jlf.click/video/ 		616 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://tesl3r.giveo4jlf.click/video/621.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.168.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tesl3r.giveo4jlf.click/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range
bytes=4253064-

Response headers

cf-cache-status
HIT
x-amz-version-id
2565e29b-ad30-4c0f-a232-0192436d225c
age
5
etag
"2b98703278c7e778a0f3c9429506821d"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oCmKuBi7iDg2pcqfLDAhVy1MbO0KEYEiqA8LGHIzRgL49eLifhFzRYUBQ0fdEQjaUh7pl1tpJ9a7r513u%2BqxBvXgMFaZ4PhxdNzPxtsHnMpZuPMfDoRtUk5Kw6s%2BbHaJNEYndBtrKkqt"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-form-version-id
0b6bb1e6-805a-4a7e-841d-febbb14d10af
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=52891&sent=4175&recv=569&lost=14&retrans=15&sent_bytes=4836344&recv_bytes=51911&delivery_rate=561423&cwnd=64320&unsent_bytes=0&cid=a6a7cbcc923ada0d&ts=7356&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 00:13:06 GMT
last-modified
Sun, 19 Feb 2023 16:58:10 GMT
vary
Origin, Accept-Encoding
priority
u=3,i
x-amz-id-2
941221daf4c1ffe9564706e8cc4a4e486ea8d70d53b890660df8856294586de4
x-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
Content-Range
bytes 4253064-446248478/446248479
x-amz-request-id
18088DA905357399
cf-ray
8e3b83537a38adc5-ATL
Content-Length
441995415
x-xss-protection
1; mode=block
server
cloudflare

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| fbq function| _fbq object| _geo_info function| clearImmediate function| setImmediate object| intlTelInputGlobals object| intlTelInputUtils

3 Cookies

Domain/Path Name / Value
.giveo4jlf.click/ Name: cf_clearance
Value: ERmqDbNvHfgBFZl31VADFEUcp4GzH1Uus_4_yDI9k_I-1731802381-1.2.1.1-8VstT7B8GFofU8eU7s74VdfcBE4UQga_tC5iYEzB_CEF3W5v.VZI8DfSLn_0k7eOhe27ny2Vilwj5avSWwWgZrvX8QhfTBbFljDFSX.QmmdB_VFy20BsoNocFH2kjXDoVtEq6hjJPsOw10RXog.N5Rp9YjbCCavim7TajfdpCgCeOv1dfX6iygbGurDj98rlQYtyMuh86qR8j2HQ5dmJY.iaHE0xHyZu1S3K2OMkjnB3ZfO0HzHs0bVgNX0WcOvdJf.65SXJLOBdzOPyydHwdH5CoyvorO1qoBbjo10U2Tn4ccCoLDb5AoR6IcfHuiaeDOGPeiNirBce2vr3kqFDEDg3GGrfvmu_hn8PSQiFy2IUAS7c84KgDaPYGIhVxubq
.giveo4jlf.click/ Name: _fbp
Value: fb.1.1731802381658.8902355823971498
.tesl3r.giveo4jlf.click/ Name: tr_uuid
Value: f6ea0880-844b-46ac-a26d-03581027f60f

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
tesl3r.giveo4jlf.click
www.facebook.com
142.251.41.3
157.240.241.1
157.240.241.35
172.67.168.229
2607:f8b0:4006:81e::200a
0b07c21579d587c4b00ea06eee2735cdd27f042f9b6b5e34b292ba29d47bc01d
0c7260fac65e4f7ac5cf524f8ca96efd419cbb5a9b18a3e06e44c448581e9093
11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
34efa3a75f8fd70ddce353d2b6288f3a5898755da14c6742e97c9f2a62ba82ea
3c16906c4ccf4fd25089643418eef09c372ca75dc2b06a7ef51f9fba6e644eff
43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f
48f540fb71166bf65a0fe187a71fad500c43143d3e2e42038f527e38c786e90f
541a8b21dca9ae75412bdd437491f254b732493073a42a4762e803bcc3d9133a
54649217b71b281de0bdaccd131906fc75e11abacdc0e64a55e5d1c1974e3b4d
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
653e1b336a0f2e9bc0199f72005ee74cd842458e5111cfcc186eaf20b3e660e4
7019a5bf4b0ef89d44f80a9b285872a599f6d3f41a4ee650e76ad7cc72adde53
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
7750f073916a9724d0bf1a60cfc5da2bdd010fd7bec7ef77849ddec530a34f63
a47adf837d4a9dfc03e5da448e7e99b69b1d50c4e6a78e37582656e5eeee26c6
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab0b12972401ac5a0cb20b1095f55f67cfbe6b9b905d6c4d38fbb5fd7b33b93b
af38c6ebfad2a8a0a99bb79daaea14f14486c8cd50941067c97632ee677fb128
af7fbc08ea12c52c856729cb5caea0b8cc2dab37a8ac4eacff50b5f5accaf2df
c1285d7fe9f93005132d6f14c46e78d20a4e7f5c51ad45a23992a5eb3ab2726d
ce7ac71875b35c4508358c34b4595be50c0c2c94bb418fb46edc8c207f6a9170
d5f23520aa7639c840c4227ee16d8536f4c20226afab53bf775e5636603958af
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
dd9d762f29bb0030ff08298e8a9aea71bca1a49bf66e40789da21d58dce84c65
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
eeefaf117ed5865f04640be52c53ac8b4e8e4159171b1132023ad25d2d041286
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
f10eb8cc0cf0ff162da018e8590df5294d4e85db52425f1e51bfaf5da4016928