ggadskuat1.shop Open in urlscan Pro
188.114.96.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://asall-jadi76.shop/
Effective URL:
https://ggadskuat1.shop/forbidden
Submission: On October 05 via api (October 5th 2024, 3:03:47 pm UTC) from BE — Scanned from NL

Summary HTTP 46 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 15 domains to perform 46 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is ggadskuat1.shop.
TLS certificate: Issued by WE1 on September 27th 2024. Valid for: 3 months.

This is the only time ggadskuat1.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	162.0.217.29 162.0.217.29	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1 1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 15	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6811:f6cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
4 4	2606:4700:20:... 2606:4700:20::ac43:4558	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	157.240.251.9 157.240.251.9	32934 (FACEBOOK) (FACEBOOK)
2	2606:4700:440... 2606:4700:4400::6812:21ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.184.227 142.250.184.227	15169 (GOOGLE) (GOOGLE)
2	23.38.98.94 23.38.98.94	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	95.101.111.170 95.101.111.170	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
46	13

2 162.0.217.29 (Amsterdam, Netherlands)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium195-2.web-hosting.com

asall-jadi76.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

gengg777ads2.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 188.114.96.3 (Amsterdam, Netherlands) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ggadskuat1.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:f6cb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::ac43:4558 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

shorturl.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.shorturl.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:21ce (United States)

ASN13335 (CLOUDFLARENET, US)

lottie.host	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.38.98.94 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-38-98-94.deploy.static.akamaitechnologies.com

cdn.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.livechat-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.101.111.170 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-111-170.deploy.static.akamaitechnologies.com

api.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	ggadskuat1.shop 2 redirects ggadskuat1.shop	421 KB
5	livechatinc.com cdn.livechatinc.com — Cisco Umbrella Rank: 5927 api.livechatinc.com — Cisco Umbrella Rank: 5615 secure.livechatinc.com — Cisco Umbrella Rank: 6850	34 KB
4	shorturl.at 4 redirects shorturl.at — Cisco Umbrella Rank: 62614 www.shorturl.at — Cisco Umbrella Rank: 70152	2 KB
3	gstatic.com fonts.gstatic.com	29 KB
3	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 10512	692 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	3 KB
2	lottie.host lottie.host — Cisco Umbrella Rank: 49363	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	73 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	36 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 797	121 KB
2	asall-jadi76.shop asall-jadi76.shop	2 KB
1	livechat-files.com cdn.livechat-files.com
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
1	gengg777ads2.shop 1 redirects gengg777ads2.shop	522 B
0	linkcdn.cloud Failed images.linkcdn.cloud Failed
46	15

	Domain	Requested by
15	ggadskuat1.shop	2 redirects ggadskuat1.shop
3	api.livechatinc.com	cdn.livechatinc.com
3	fonts.gstatic.com	fonts.googleapis.com
3	blogger.googleusercontent.com	ggadskuat1.shop
2	www.facebook.com	ggadskuat1.shop
2	lottie.host	unpkg.com
2	connect.facebook.net	ggadskuat1.shop connect.facebook.net
2	www.shorturl.at	2 redirects
2	shorturl.at	2 redirects
2	cdnjs.cloudflare.com	ggadskuat1.shop
2	unpkg.com	1 redirects ggadskuat1.shop
2	asall-jadi76.shop
1	cdn.livechat-files.com
1	secure.livechatinc.com	cdn.livechatinc.com
1	cdn.livechatinc.com	ggadskuat1.shop
1	fonts.googleapis.com	ggadskuat1.shop
1	gengg777ads2.shop	1 redirects
0	images.linkcdn.cloud Failed	ggadskuat1.shop
46	18

This site contains links to these domains. Also see Links.

Domain
hostingforrtp2024.shop
www.facebook.com
t.me

Subject Issuer	Validity	Valid
asall-jadi76.shop Sectigo RSA Domain Validation Secure Server CA	`2024-09-28` - `2025-09-28`	a year	crt.sh
ggadskuat1.shop WE1	`2024-09-27` - `2024-12-26`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
*.googleusercontent.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
upload.video.google.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-07-14` - `2024-10-12`	3 months	crt.sh
lottie.host WE1	`2024-08-16` - `2024-11-14`	3 months	crt.sh
*.gstatic.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
livechat.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-10` - `2025-07-10`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://ggadskuat1.shop/forbidden
Frame ID: CD573817AB6608CDCFB3C2EA3822AE7A
Requests: 45 HTTP requests in this frame

Frame: https://secure.livechatinc.com/customer/action/open_chat?license_id=16502112&group=0&embedded=1&widget_version=3&unique_groups=0&use_parent_storage=1
Frame ID: CA2E784932E6C7F9B576D801412683A1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://asall-jadi76.shop/ Page URL
https://gengg777ads2.shop/register/W1N7JP3P HTTP 301
https://ggadskuat1.shop/register/W1N7JP3P HTTP 302
https://ggadskuat1.shop/forbidden Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

LiveChat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

cdn\.livechatinc\.com/.*tracking\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

46
Requests

72 %
HTTPS

43 %
IPv6

15
Domains

18
Subdomains

13
IPs

4
Countries

1412 kB
Transfer

3121 kB
Size

10
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://hostingforrtp2024.shop/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/groups/1864506924067414

Search URL Search Domain Scan URL

URL: https://t.me/+6281928880205

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://asall-jadi76.shop/ Page URL
https://gengg777ads2.shop/register/W1N7JP3P HTTP 301
https://ggadskuat1.shop/register/W1N7JP3P HTTP 302
https://ggadskuat1.shop/forbidden Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js HTTP 302
https://unpkg.com/@lottiefiles/lottie-player@2.0.4/dist/lottie-player.js

Request Chain 24

https://shorturl.at/wiPCn HTTP 301
https://www.shorturl.at/wiPCn HTTP 302
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhDgPKnwLsmgCKnPlktmFIPixph4jfPC0QKaMuq07rPQUY0q1RJwOO0P5-LnfPvJgDIDySV_xKxnmqhaxGMFvWpkXhpxDZmFGopl0qE4S9vMDc3sVHrduFBpWVv6TnmHj3WklDRaZPKM5MIfyC6JHObUecq-wZ5rJ_JGubz5RsfrwZq2Tx_OHIks0_te6M/s230/51585-multi-media-computer-internet-facebook.gif

Request Chain 25

https://shorturl.at/wABN7 HTTP 301
https://www.shorturl.at/wABN7 HTTP 302
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh4W_yECuFBL424fjJUishkY4VQjZgYV6_xfakpezvCyoDg0T3ZrUbRo7BVR3vLVVspLxwWLUTUXyV0Joh6ZOHEIDyN4Nji1eKmWZR-wQiZ7MhRdhb3bAgxzgPYscY2VfKFQYt8YNsyzcRalTj7steIoVx3BxHiqgU1GeZQGNxY0mOPXQKbtUHiAYg4Af4/s200/TELEGRAM-KERBAU777%20%281%29.gif

Request Chain 36

https://ggadskuat1.shop/paymentService HTTP 302
https://ggadskuat1.shop/forbidden

46 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
asall-jadi76.shop/ 160 B
306 B 318ms
268ms Document
text/html 162.0.217.29
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://asall-jadi76.shop/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.217.29 Amsterdam, Netherlands, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium195-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 31718b8627a3c75665a9976a63a9ba5a16d8a8ff394012313261999cda4cf8fa

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-length: 160
content-type: text/html
date: Sat, 05 Oct 2024 15:03:42 GMT
last-modified: Sun, 29 Sep 2024 08:39:19 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed

GET
H3

403

Primary Request forbidden Show response
ggadskuat1.shop/
Redirect Chain

https://gengg777ads2.shop/register/W1N7JP3P
https://ggadskuat1.shop/register/W1N7JP3P
https://ggadskuat1.shop/forbidden

26 KB
9 KB

349ms
349ms

Document
text/html

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ggadskuat1.shop/forbidden

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6733d4eeda26305a15bdd02041dde70c404c522d7208f815a0d911c83d653ea9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ws: wss: http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://asall-jadi76.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8cde4ccf5d9fd0d5-AMS
content-encoding: br
content-security-policy: default-src 'self' ws: wss: http: https: data: blob: 'unsafe-inline'
content-type: text/html; charset=UTF-8
date: Sat, 05 Oct 2024 15:03:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sU%2BSQ8We2g2UmUpus1%2BT5xVMFY4dfzh0VvU4fVPWMCxcXBZ4j2oL9aITWoFtpKXQbiUdFVoNQ4xdW5OwgH8G7Ihx6bHjdEuemcYLXG16DqgmvcnN0f0%2BZeKZtjo%2F26oNdCQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
strict-transport-security: max-age=15552000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1;mode=block

Redirect headers

cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8cde4cc9ee23d0d5-AMS
content-security-policy: default-src 'self' ws: wss: http: https: data: blob: 'unsafe-inline'
content-type: text/html; charset=UTF-8
date: Sat, 05 Oct 2024 15:03:43 GMT
location: https://ggadskuat1.shop/forbidden
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L32onWVdwW7yy3p52fMz9hi2Kq4sy%2Bkeya55W7dUhgmFSCD628hFUjeVk9FMcZIKTcEtv9FGm38MbAS9fhsYj60QngoFLS5DHaSmiHZnqiHApmlKIVFfqJZdl3%2FBQPs94Wc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
strict-transport-security: max-age=15552000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1;mode=block

GET
H2 404 favicon.ico
asall-jadi76.shop/ 1 KB
1 KB 151ms
151ms Other
text/html 162.0.217.29
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://asall-jadi76.shop/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.217.29 Amsterdam, Netherlands, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium195-2.web-hosting.com
Software: LiteSpeed /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://asall-jadi76.shop/

Response headers

x-turbo-charged-by: LiteSpeed
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 1251
pragma: no-cache
date: Sat, 05 Oct 2024 15:03:42 GMT
content-type: text/html
server: LiteSpeed

GET
H3 200 speculation
ggadskuat1.shop/cdn-cgi/ 128 B
538 B 24ms
23ms Other
application/speculationrules+json 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ggadskuat1.shop/cdn-cgi/speculation
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://ggadskuat1.shop
Referer: https://ggadskuat1.shop/forbidden

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ydQhkikFYWQ8bndCzYzxsFPM%2FDxkBC9ilImY0EkuhjmgfVqsAVVVpleJ%2BD2uXrg4lHk6uslCf836TEaeb8TaCY8Bau83fTNsjldsbPlMYZrslum%2FqomJruJrjWkZ7mEDk94%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cde4cd1d8dfd0d5-AMS
access-control-allow-origin: https://ggadskuat1.shop
content-length: 128
date: Sat, 05 Oct 2024 15:03:43 GMT
content-type: application/speculationrules+json
vary: Origin, Accept-Encoding
server: cloudflare

GET
H3 200 fa-solid-900.woff2
ggadskuat1.shop/themes/1/font/font-awesome/webfonts/ 78 KB
79 KB 33ms
32ms Font
font/woff2 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ggadskuat1.shop/themes/1/font/font-awesome/webfonts/fa-solid-900.woff2

Requested by

Host: ggadskuat1.shop
URL: https://ggadskuat1.shop/forbidden

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ws: wss: http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://ggadskuat1.shop
Referer: https://ggadskuat1.shop/forbidden

Response headers

cf-cache-status: HIT
etag: "139ac-62b2b50e-bcf5e;;;"
age: 147324
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JGdzUPIyuIiZFNsvHF2hU79%2BUhOp2Y9lWaJwrrZw8H0j8RNut%2BC1RDWmFf9ziKEeaSU3xQZA%2FUYFyb2m37nsZE6OiEzA%2Bx%2FPXSEQHD2iH80ZG71nP5ubxcwlWAW8Bipo3Uo%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 10 Oct 2024 22:08:19 GMT
date: Sat, 05 Oct 2024 15:03:43 GMT
content-type: font/woff2
last-modified: Wed, 22 Jun 2022 06:22:06 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000
content-security-policy: default-src 'self' ws: wss: http: https: data: blob: 'unsafe-inline'
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8cde4cd1d8e1d0d5-AMS
accept-ranges: bytes
content-length: 80300
x-xss-protection: 1;mode=block
server: cloudflare

GET
H3 200 fa-brands-400.woff2
ggadskuat1.shop/themes/1/font/font-awesome/webfonts/ 77 KB
77 KB 48ms
46ms Font
font/woff2 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ggadskuat1.shop/themes/1/font/font-awesome/webfonts/fa-brands-400.woff2

Requested by

Host: ggadskuat1.shop
URL: https://ggadskuat1.shop/forbidden

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ws: wss: http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://ggadskuat1.shop
Referer: https://ggadskuat1.shop/forbidden

Response headers

cf-cache-status: HIT
etag: "1327c-62b2b50e-bcf54;;;"
age: 515210
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yGR7etYtTBJ6x%2Fu8r72uwHtj98HWlsgQOe4wnG27JUothdm4QqpUcNhYaTjrs%2FNACLsBpEWUtOJmxIRxFRlml9RLJkGUC5gTvK8voNJrUgAeNuVf%2FMq%2FpCywkIZjU8N28ac%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 06 Oct 2024 15:56:53 GMT
date: Sat, 05 Oct 2024 15:03:43 GMT
content-type: font/woff2
last-modified: Wed, 22 Jun 2022 06:22:06 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000
content-security-policy: default-src 'self' ws: wss: http: https: data: blob: 'unsafe-inline'
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8cde4cd1d8ebd0d5-AMS
accept-ranges: bytes
content-length: 78460
x-xss-protection: 1;mode=block
server: cloudflare

GET
H3 200 global.css
ggadskuat1.shop/themes/1/css/ 196 KB
32 KB 48ms
46ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ggadskuat1.shop/themes/1/css/global.css

Requested by

Host: ggadskuat1.shop
URL: https://ggadskuat1.shop/forbidden

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a471555529d40fa30e3bf4211032a1fbb9e831a8d4391767af4f35153095488c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ws: wss: http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ggadskuat1.shop/forbidden

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"30e8f-630f072b-bc842;br"
age: 147324
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tm8Xd7uSSnPl2%2FG%2BB8OWCoTG8VlUNbFtsFduNVDt9xd%2BxWQEgh3i0DLaO%2BRfSgaQSmBuhZtEKemb4C8Gfr5VLdqCpXiKMgz5WaoWqL%2BgJ8A6FADZIITRxjyoMSmmqvaCJl8%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 10 Oct 2024 22:08:19 GMT
date: Sat, 05 Oct 2024 15:03:43 GMT
content-type: text/css
last-modified: Wed, 31 Aug 2022 07:00:59 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000
content-security-policy: default-src 'self' ws: wss: http: https: data: blob: 'unsafe-inline'
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8cde4cd1d8ecd0d5-AMS
x-xss-protection: 1;mode=block
server: cloudflare

GET
H3 200 all.min.css
ggadskuat1.shop/themes/1/font/font-awesome/css/ 58 KB
13 KB 97ms
95ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ggadskuat1.shop/themes/1/font/font-awesome/css/all.min.css

Requested by

Host: ggadskuat1.shop
URL: https://ggadskuat1.shop/forbidden

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ws: wss: http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ggadskuat1.shop/forbidden

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"e7d0-62b2b50e-bc853;br"
age: 211242
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2F6UVbXfEO%2BDVhuDkMyHXuW2WtGkbS2QTqM973c0mTNhk1O68SfAbR1fzQZ7bW0JmdYpQh7l7SVRd3E2g5K1UmSiJP1%2B8p8UB9s1m52JtZ4QERF5Aa%2FDNg%2BRvdf4fSZTz2g%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 10 Oct 2024 04:23:01 GMT
date: Sat, 05 Oct 2024 15:03:43 GMT
content-type: text/css
last-modified: Wed, 22 Jun 2022 06:22:06 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000
content-security-policy: default-src 'self' ws: wss: http: https: data: blob: 'unsafe-inline'
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8cde4cd1d8eed0d5-AMS
x-xss-protection: 1;mode=block
server: cloudflare

GET
H3 200 style.css
ggadskuat1.shop/custom/css/ 156 KB
21 KB 97ms
96ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ggadskuat1.shop/custom/css/style.css

Requested by

Host: ggadskuat1.shop
URL: https://ggadskuat1.shop/forbidden

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

960a3305e289a5caa0f40e1c6ec82dbbd17cf7278e3a4272a8cf3cc1603b13d7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ws: wss: http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ggadskuat1.shop/forbidden

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"26ffb-6540a9b1-810f9;br"
age: 211242
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8cEE%2FX4Tm80buWNvYRxVgEEt5cx0KJbhutArjBdmW4zIRXLHCwvN0wo%2BgQZ4hJZV6n22JWXlbG6aa2UiLNsgowzegjrXJcwAYEcctHpQnboiNQmr4ZyUo3DY76vmVhHAG3I%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 10 Oct 2024 04:23:01 GMT
date: Sat, 05 Oct 2024 15:03:43 GMT
content-type: text/css
last-modified: Tue, 31 Oct 2023 07:16:01 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000
content-security-policy: default-src 'self' ws: wss: http: https: data: blob: 'unsafe-inline'
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8cde4cd1d8f0d0d5-AMS
x-xss-protection: 1;mode=block
server: cloudflare

GET
H3 200 custom.css
ggadskuat1.shop/themes/1/sass/ 24 KB
5 KB 98ms
96ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ggadskuat1.shop/themes/1/sass/custom.css?v=2.0.1791

Requested by

Host: ggadskuat1.shop
URL: https://ggadskuat1.shop/forbidden

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6e12d23b767df2e04febac18954dee965c50beeb4033cc14d8db075623978b7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ws: wss: http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ggadskuat1.shop/forbidden

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"5e4d-66ab34ac-bb893;br"
age: 211242
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5ZiWSGTU9Rxj36qW8sbBBMRQ3j2HhPz%2BK%2F1m%2Boc3dRP%2BbcCSG6l8Qq4BvSl5Dt%2BZGVDAswHBQu2zS4lfEKlIIBpd4UMNVlwKGoIGArbUvZq4ZmkzAGrs9StuyzYdUEqOh5A%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 10 Oct 2024 04:23:01 GMT
date: Sat, 05 Oct 2024 15:03:43 GMT
content-type: text/css
last-modified: Thu, 01 Aug 2024 07:09:32 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000
content-security-policy: default-src 'self' ws: wss: http: https: data: blob: 'unsafe-inline'
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8cde4cd1d8f1d0d5-AMS
x-xss-protection: 1;mode=block
server: cloudflare

GET eg.png
images.linkcdn.cloud/global/error/flag/ 0
0

GET id.png
images.linkcdn.cloud/global/error/flag/ 0
0

GET ph.png
images.linkcdn.cloud/global/error/flag/ 0
0

GET th.png
images.linkcdn.cloud/global/error/flag/ 0
0

GET cn.png
images.linkcdn.cloud/global/error/flag/ 0
0

GET vn.png
images.linkcdn.cloud/global/error/flag/ 0
0

GET br.png
images.linkcdn.cloud/global/error/flag/ 0
0

GET
H2

200

lottie-player.js Show response
unpkg.com/@lottiefiles/lottie-player@2.0.4/dist/
Redirect Chain

https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
https://unpkg.com/@lottiefiles/lottie-player@2.0.4/dist/lottie-player.js

371 KB
121 KB

45ms
45ms

Script
application/javascript

2606:4700::6811:f6cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@lottiefiles/lottie-player@2.0.4/dist/lottie-player.js

Requested by

Host: ggadskuat1.shop
URL: https://ggadskuat1.shop/forbidden

Protocol

Server

2606:4700::6811:f6cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68b594d79a955d4237d365555d137be2842068c263d444f583556ee1f9a8cbc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ggadskuat1.shop/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "5cd35-FL4z5R7jgfyHeGPFiEURHtF1scw"
age: 134618
x-content-type-options: nosniff
date: Sat, 05 Oct 2024 15:03:43 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01J9AJY7TSHD2EJBHZS790GY69-ams
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8cde4cd3282d0e3c-AMS
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, s-maxage=600, max-age=60
location: /@lottiefiles/lottie-player@2.0.4/dist/lottie-player.js
content-encoding: br
cf-cache-status: HIT
age: 579
x-content-type-options: nosniff
via: 1.1 fly.io
cf-ray: 8cde4cd2bf790e3c-AMS
access-control-allow-origin: *
date: Sat, 05 Oct 2024 15:03:43 GMT
content-type: text/plain; charset=utf-8
vary: Accept, Accept-Encoding
fly-request-id: 01J9EJRSSWYJ77HVXHP689DMQ6-ams
server: cloudflare

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/ 84 KB
27 KB 53ms
31ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/jquery.min.js

Requested by

Host: ggadskuat1.shop
URL: https://ggadskuat1.shop/forbidden

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ggadskuat1.shop/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03ec4-1514f"
age: 308585
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=itk5RnuFd7qvRCpL9GcNaWZBz9Qk5daOZ813RmeGTi4CUwNWzS8ToUQUAbQngmXwHrBEg4b0v%2FNNSBrQR8aqEf0dkRbIkq0FbVcxmbErqleMAhn6Pgr0J3YKKufLsInBWQbezZN%2F"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 25 Sep 2025 15:03:43 GMT
date: Sat, 05 Oct 2024 15:03:43 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:11:48 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8cde4cd2cfb466b8-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27198
server: cloudflare

GET
H3 200 bootstrap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/ 36 KB
9 KB 29ms
28ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: ggadskuat1.shop
URL: https://ggadskuat1.shop/forbidden

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ggadskuat1.shop/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb04010-90b5"
age: 1374902
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g6aPYQpBmWaZ0ihDNAZe2LSNInGeR2NK52afYsSTWMcjRLPWek%2FMw3PHZ1oKa7Yn6eumKcs1h7SkBu%2BqFiDclKwXZ%2BQCz9rDrvHQUK%2FAWjjT9ox4ZIFL2pYQdmtZRXoq7HedbZz0"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 25 Sep 2025 15:03:43 GMT
date: Sat, 05 Oct 2024 15:03:43 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:17:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8cde4cd3186e66b8-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8722
server: cloudflare

GET
H3 200 vendor.js Show response
ggadskuat1.shop/themes/1/js/ 548 KB
160 KB 55ms
55ms Script
application/x-javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ggadskuat1.shop/themes/1/js/vendor.js

Requested by

Host: ggadskuat1.shop
URL: https://ggadskuat1.shop/forbidden

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11f490f5fa9e6dc8a684924cf4bb6afd8f7201db74e11f66e9a17c167788fdf3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ws: wss: http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ggadskuat1.shop/forbidden

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"88e67-62b2b50f-bd02a;br"
age: 211241
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NWxHTvtNa04DvY1j3hB3MYejv6ogNGIwjU5q%2BSuK3EXIjJduUIT1Lpk6mjjrLAZoIgxqBfIcUNDNU9roxjtS0mDpionLp%2Bt07JqFyfkR3FlBOYcCjUdkTME2VqH9Vkb0fKg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 10 Oct 2024 04:23:01 GMT
date: Sat, 05 Oct 2024 15:03:43 GMT
content-type: application/x-javascript
last-modified: Wed, 22 Jun 2022 06:22:07 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000
content-security-policy: default-src 'self' ws: wss: http: https: data: blob: 'unsafe-inline'
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8cde4cd34ad8d0d5-AMS
x-xss-protection: 1;mode=block
server: cloudflare

GET
H3 200 global.js Show response
ggadskuat1.shop/themes/1/js/ 16 KB
4 KB 35ms
35ms Script
application/x-javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ggadskuat1.shop/themes/1/js/global.js?v=2.0.1791

Requested by

Host: ggadskuat1.shop
URL: https://ggadskuat1.shop/forbidden

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ed55b9c0bd82bec88170bafb79bb3c264b7af06a82c2e10e9b2944f1716af78

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ws: wss: http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ggadskuat1.shop/forbidden

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"41bd-63ea2663-bd017;br"
age: 211241
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dLF5EvXTbFgLAXM6C9U3F412t3aaSoR%2FXwoT6OGMsT%2F0Abgjg4rSrYUJOB13UtQKx0l4e7%2B71WD%2FZgOj%2BXrY0ANz5KiM9Q499uEguZPMiGWFz1DQhbeqd53ev3fn6W4DYh8%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 10 Oct 2024 04:23:02 GMT
date: Sat, 05 Oct 2024 15:03:43 GMT
content-type: application/x-javascript
last-modified: Mon, 13 Feb 2023 12:00:35 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000
content-security-policy: default-src 'self' ws: wss: http: https: data: blob: 'unsafe-inline'
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8cde4cd3ab57d0d5-AMS
x-xss-protection: 1;mode=block
server: cloudflare

GET
H3 200 index.js Show response
ggadskuat1.shop/themes/1/js/ 1 KB
1 KB 45ms
43ms Script
application/x-javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ggadskuat1.shop/themes/1/js/index.js?v=2.0.1791

Requested by

Host: ggadskuat1.shop
URL: https://ggadskuat1.shop/forbidden

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b85bc80cf0cc49cdef6de514d671b2af8794334e45a443e4e2b2b4943946174

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ws: wss: http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ggadskuat1.shop/forbidden

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"571-62b2b50f-bd019;br"
age: 211241
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w541gormL2Rx6nQmrfrXy6BbT94%2BAdFF%2FzqxWiActA6S4SsCdGuUslskKXtAVs3VZsONsxDzXyWml7Kb4f3MeIQOzfHIwalbtjzQclsqjvkK3%2F7MK97YjHst%2BtgaenTU%2Fz0%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 10 Oct 2024 04:23:02 GMT
date: Sat, 05 Oct 2024 15:03:43 GMT
content-type: application/x-javascript
last-modified: Wed, 22 Jun 2022 06:22:07 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000
content-security-policy: default-src 'self' ws: wss: http: https: data: blob: 'unsafe-inline'
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8cde4cd3bb6ed0d5-AMS
x-xss-protection: 1;mode=block
server: cloudflare

GET
H3 200 jquery.validate.min.js Show response
ggadskuat1.shop/themes/1/vendor/jquery-validate/ 24 KB
9 KB 34ms
31ms Script
application/x-javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ggadskuat1.shop/themes/1/vendor/jquery-validate/jquery.validate.min.js

Requested by

Host: ggadskuat1.shop
URL: https://ggadskuat1.shop/forbidden

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8110a988bd0e88b0bf2c1dcbe276d0eb34e7593b70bd2ed14fb45d87d1d3872

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ws: wss: http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ggadskuat1.shop/forbidden

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"5f7b-62b2b50f-bd087;br"
age: 211241
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tA41f7owdGhrBuTzT%2FeeAnuOxQ%2FHTxzr%2B9jf24%2FZ1cl92k4ua8QuGyzKRk13jOPUvAD4oGj%2F76sNID0WLl%2B%2BVZ4ShZ4Q%2FyBTCWYaUTMUQIdVLxaAV4jmCtAEmARdjiVuUlI%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 10 Oct 2024 04:23:02 GMT
date: Sat, 05 Oct 2024 15:03:43 GMT
content-type: application/x-javascript
last-modified: Wed, 22 Jun 2022 06:22:07 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000
content-security-policy: default-src 'self' ws: wss: http: https: data: blob: 'unsafe-inline'
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8cde4cd3bb73d0d5-AMS
x-xss-protection: 1;mode=block
server: cloudflare

GET
H2 200 RTP%20GENG777.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiZzeEX3jyWSmirsVgUhJpNx2Qtp243D2ydl4CJtDWcuRf0AUiYZCAa6rehEJEtE1hm3csg36EPGmxZlmFIvju6k-nCimpvlr_ILZacYH74lYClDUAa5HO8Jr-t0IaaT_t24DZwuYT2pCueYbx8... 356 KB
357 KB 543ms
436ms Image
image/gif 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiZzeEX3jyWSmirsVgUhJpNx2Qtp243D2ydl4CJtDWcuRf0AUiYZCAa6rehEJEtE1hm3csg36EPGmxZlmFIvju6k-nCimpvlr_ILZacYH74lYClDUAa5HO8Jr-t0IaaT_t24DZwuYT2pCueYbx8VWBuAUb_M3Rum64GAaT__q0-Bmz8K2HWkSQSNIpzRiQ/s209/RTP%20GENG777.gif

Requested by

Host: ggadskuat1.shop
URL: https://ggadskuat1.shop/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

91230f90004e3b3ece62e68e0c309ace208eb336ed34512c97865cd0d1c0cc61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ggadskuat1.shop/

Response headers

access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
etag: "ve0"
x-content-type-options: nosniff
expires: Sun, 06 Oct 2024 15:03:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364857
date: Sat, 05 Oct 2024 15:03:44 GMT
x-xss-protection: 0
content-type: image/gif
vary: Origin
server: fife
content-disposition: inline;filename="RTP GENG777.gif"

GET
H2

200

51585-multi-media-computer-internet-facebook.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhDgPKnwLsmgCKnPlktmFIPixph4jfPC0QKaMuq07rPQUY0q1RJwOO0P5-LnfPvJgDIDySV_xKxnmqhaxGMFvWpkXhpxDZmFGopl0qE4S9vMDc3sVHrduFBpWVv6TnmHj3WklDRaZPKM5MIfyC6...
Redirect Chain

https://shorturl.at/wiPCn
https://www.shorturl.at/wiPCn
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhDgPKnwLsmgCKnPlktmFIPixph4jfPC0QKaMuq07rPQUY0q1RJwOO0P5-LnfPvJgDIDySV_xKxnmqhaxGMFvWpkXhpxDZmFGopl0qE4S9vMDc3sVHrduFBpWVv6TnmHj3WklDRaZPK...

321 KB
321 KB

453ms
452ms

Image
image/gif

2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhDgPKnwLsmgCKnPlktmFIPixph4jfPC0QKaMuq07rPQUY0q1RJwOO0P5-LnfPvJgDIDySV_xKxnmqhaxGMFvWpkXhpxDZmFGopl0qE4S9vMDc3sVHrduFBpWVv6TnmHj3WklDRaZPKM5MIfyC6JHObUecq-wZ5rJ_JGubz5RsfrwZq2Tx_OHIks0_te6M/s230/51585-multi-media-computer-internet-facebook.gif

Requested by

Host: ggadskuat1.shop
URL: https://ggadskuat1.shop/forbidden

Protocol

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

61bed2b3d6f7e7c9422e3ca4161424794870b3514050ee5c38d8df91bbd1f933

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ggadskuat1.shop/

Response headers

access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
etag: "vd4"
x-content-type-options: nosniff
expires: Sun, 06 Oct 2024 15:03:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 328785
date: Sat, 05 Oct 2024 15:03:44 GMT
x-xss-protection: 0
content-type: image/gif
vary: Origin
server: fife
content-disposition: inline;filename="51585-multi-media-computer-internet-facebook.gif"

Redirect headers

x-server-powered-by: Engintron
location: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhDgPKnwLsmgCKnPlktmFIPixph4jfPC0QKaMuq07rPQUY0q1RJwOO0P5-LnfPvJgDIDySV_xKxnmqhaxGMFvWpkXhpxDZmFGopl0qE4S9vMDc3sVHrduFBpWVv6TnmHj3WklDRaZPKM5MIfyC6JHObUecq-wZ5rJ_JGubz5RsfrwZq2Tx_OHIks0_te6M/s230/51585-multi-media-computer-internet-facebook.gif
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IPugj0OsNgTRCPRg%2B6XS7dpk0pT9jGcey6R3DcfvWyo2Kj%2B%2B9MHe0b9yVJ4hyAOXGWZLaznr7ePTJi2DZjlif6uI%2FFBoaUq4JGNVFy%2Be%2Br%2BJXO5wpJyt58mIbSQsffBlUoALogk3PuDWXZeJwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8cde4cd4cc8c6612-AMS
date: Sat, 05 Oct 2024 15:03:44 GMT
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8
x-nginx-upstream-cache-status: EXPIRED
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H2

200

TELEGRAM-KERBAU777%20%281%29.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh4W_yECuFBL424fjJUishkY4VQjZgYV6_xfakpezvCyoDg0T3ZrUbRo7BVR3vLVVspLxwWLUTUXyV0Joh6ZOHEIDyN4Nji1eKmWZR-wQiZ7MhRdhb3bAgxzgPYscY2VfKFQYt8YNsyzcRalTj7...
Redirect Chain

https://shorturl.at/wABN7
https://www.shorturl.at/wABN7
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh4W_yECuFBL424fjJUishkY4VQjZgYV6_xfakpezvCyoDg0T3ZrUbRo7BVR3vLVVspLxwWLUTUXyV0Joh6ZOHEIDyN4Nji1eKmWZR-wQiZ7MhRdhb3bAgxzgPYscY2VfKFQYt8YNsy...

14 KB
14 KB

498ms
498ms

Image
image/gif

2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh4W_yECuFBL424fjJUishkY4VQjZgYV6_xfakpezvCyoDg0T3ZrUbRo7BVR3vLVVspLxwWLUTUXyV0Joh6ZOHEIDyN4Nji1eKmWZR-wQiZ7MhRdhb3bAgxzgPYscY2VfKFQYt8YNsyzcRalTj7steIoVx3BxHiqgU1GeZQGNxY0mOPXQKbtUHiAYg4Af4/s200/TELEGRAM-KERBAU777%20%281%29.gif

Requested by

Host: ggadskuat1.shop
URL: https://ggadskuat1.shop/forbidden

Protocol

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

582f30052a21ed6fff0fc7d7b3620ed8ee8a5ad6e5429eb2b47662217118f151

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ggadskuat1.shop/

Response headers

access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
etag: "vc6"
x-content-type-options: nosniff
expires: Sun, 06 Oct 2024 15:03:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14357
date: Sat, 05 Oct 2024 15:03:44 GMT
x-xss-protection: 0
content-type: image/gif
vary: Origin
server: fife
content-disposition: inline;filename="TELEGRAM-KERBAU777 (1).gif"

Redirect headers

x-server-powered-by: Engintron
location: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh4W_yECuFBL424fjJUishkY4VQjZgYV6_xfakpezvCyoDg0T3ZrUbRo7BVR3vLVVspLxwWLUTUXyV0Joh6ZOHEIDyN4Nji1eKmWZR-wQiZ7MhRdhb3bAgxzgPYscY2VfKFQYt8YNsyzcRalTj7steIoVx3BxHiqgU1GeZQGNxY0mOPXQKbtUHiAYg4Af4/s200/TELEGRAM-KERBAU777%20%281%29.gif
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xwp5RqZY0t6ZfN%2BW8e5tZsvsqYSgOXBlfKGwfBJ0zhnSgZDMTiM2uhPjUfV8Ev7I%2Fe%2BDA3ui4UpBpNnAHAHwzWyGH6HA7XkI4l3ljiS2URzj2FBhiRN%2F9d690VNRCUmt8A1ucEgh6KjnF06QVw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8cde4cd4cc8a6612-AMS
date: Sat, 05 Oct 2024 15:03:44 GMT
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8
x-nginx-upstream-cache-status: EXPIRED
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 175ms
61ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Chakra+Petch:wght@300;400;500;600;700&display=swap

Requested by

Host: ggadskuat1.shop
URL: https://ggadskuat1.shop/custom/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

536fd20c8bafa2723e13150c9c97b47dcd121eead4ca3e416ab2c4cebe7447d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ggadskuat1.shop/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 05 Oct 2024 15:03:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 05 Oct 2024 15:03:43 GMT
content-type: text/css; charset=utf-8
last-modified: Sat, 05 Oct 2024 14:58:48 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 226 KB
58 KB 50ms
23ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ggadskuat1.shop
URL: https://ggadskuat1.shop/forbidden

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

48ba1993011db4834882d81b2153753437607292f704a6543d4466c0f6d1372a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ggadskuat1.shop/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=10m
date: Sat, 05 Oct 2024 15:03:43 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=23, mss=1232, tbw=4455, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: WJxFn6AqZAWAZ3xmFMrgpeiXDnBpkz40b8qKA4MrFpkSVJl2ShuzgsKBbtWqetpcKM1gAgIsg5mPB48GzofeXg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59131
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 raNjh4CJWn.json Show response
lottie.host/1f2b3951-24c2-447d-8d28-3ea4e519eda2/ 7 KB
1 KB 94ms
54ms XHR
application/json 2606:4700:4400::6812:21ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lottie.host/1f2b3951-24c2-447d-8d28-3ea4e519eda2/raNjh4CJWn.json
Requested by: Host: unpkg.com
URL: https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:21ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c8634ddaaf99ec97188383a21c1e465c6c8311b8de182a3a2a362778d64123f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ggadskuat1.shop/

Response headers

access-control-max-age: 1800
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amz-version-id: K70cLWoPfCz4na1QmP5ST.7cs2EE9yAD
etag: W/"839a44a2ad637e1fc55324c3ff0cd2c8"
age: 180
access-control-allow-methods: GET, PUT, POST
x-cache: Hit from cloudfront
x-amz-cf-id: VertTWcXIRBS0IgZ2izKIKDMjeAXKAvUW3zLPTW2gS_Dbhyi84dHWw==
date: Sat, 05 Oct 2024 15:03:44 GMT
content-type: application/json
last-modified: Fri, 25 Aug 2023 10:54:33 GMT
vary: Accept-Encoding,Origin
via: 1.1 1b0117d337408839a32bf2a49b55b3f0.cloudfront.net (CloudFront)
cf-ray: 8cde4cd40fda6688-AMS
access-control-allow-origin: *
x-amz-cf-pop: AMS54-C1
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 raNjh4CJWn.json Show response
lottie.host/1f2b3951-24c2-447d-8d28-3ea4e519eda2/ 7 KB
0 94ms
94ms Fetch
application/json 2606:4700:4400::6812:21ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lottie.host/1f2b3951-24c2-447d-8d28-3ea4e519eda2/raNjh4CJWn.json
Requested by: Host: unpkg.com
URL: https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:21ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c8634ddaaf99ec97188383a21c1e465c6c8311b8de182a3a2a362778d64123f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ggadskuat1.shop/

Response headers

access-control-max-age: 1800
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amz-version-id: K70cLWoPfCz4na1QmP5ST.7cs2EE9yAD
etag: W/"839a44a2ad637e1fc55324c3ff0cd2c8"
age: 180
access-control-allow-methods: GET, PUT, POST
x-cache: Hit from cloudfront
x-amz-cf-id: VertTWcXIRBS0IgZ2izKIKDMjeAXKAvUW3zLPTW2gS_Dbhyi84dHWw==
date: Sat, 05 Oct 2024 15:03:44 GMT
content-type: application/json
last-modified: Fri, 25 Aug 2023 10:54:33 GMT
vary: Accept-Encoding,Origin
via: 1.1 1b0117d337408839a32bf2a49b55b3f0.cloudfront.net (CloudFront)
cf-ray: 8cde4cd40fda6688-AMS
access-control-allow-origin: *
x-amz-cf-pop: AMS54-C1
server: cloudflare
x-amz-server-side-encryption: AES256

GET bod_forbiden.jpg
images.linkcdn.cloud/global/error/ 0
0

GET
H3 200 cIflMapbsEk7TDLdtEz1BwkeQI51R5_F.woff2
fonts.gstatic.com/s/chakrapetch/v11/ 10 KB
10 KB 58ms
25ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/chakrapetch/v11/cIflMapbsEk7TDLdtEz1BwkeQI51R5_F.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Chakra+Petch:wght@300;400;500;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

406c2b0cf20e0f7a831f2955b12b27947e5032827c3735c8b15d8bb4213086d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://ggadskuat1.shop
Referer: https://fonts.googleapis.com/

Response headers

age: 105069
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 04 Oct 2025 09:52:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 04 Oct 2024 09:52:35 GMT
last-modified: Thu, 24 Aug 2023 17:51:01 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10040
x-xss-protection: 0
server: sffe

GET
H3 200 cIf6MapbsEk7TDLdtEz1BwkWn6pg.woff2
fonts.gstatic.com/s/chakrapetch/v11/ 10 KB
10 KB 64ms
32ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/chakrapetch/v11/cIf6MapbsEk7TDLdtEz1BwkWn6pg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Chakra+Petch:wght@300;400;500;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

9a83115d983bb1324c79a41db6d60d85583835c268939115a41025b4d388f3fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://ggadskuat1.shop
Referer: https://fonts.googleapis.com/

Response headers

age: 103190
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 04 Oct 2025 10:23:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 04 Oct 2024 10:23:54 GMT
last-modified: Thu, 24 Aug 2023 17:51:38 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9748
x-xss-protection: 0
server: sffe

GET
H3 200 cIflMapbsEk7TDLdtEz1BwkeJI91R5_F.woff2
fonts.gstatic.com/s/chakrapetch/v11/ 10 KB
10 KB 62ms
29ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/chakrapetch/v11/cIflMapbsEk7TDLdtEz1BwkeJI91R5_F.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Chakra+Petch:wght@300;400;500;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

04324f621defc72007c4e635cfd12903161b5f8aa1067ad5f619314fc153be56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://ggadskuat1.shop
Referer: https://fonts.googleapis.com/

Response headers

age: 55068
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 04 Oct 2025 23:45:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 04 Oct 2024 23:45:56 GMT
last-modified: Thu, 24 Aug 2023 17:55:42 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9896
x-xss-protection: 0
server: sffe

GET
H2 200 tracking.js Show response
cdn.livechatinc.com/ 84 KB
27 KB 104ms
24ms Script
application/javascript 23.38.98.94
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/tracking.js
Requested by: Host: ggadskuat1.shop
URL: https://ggadskuat1.shop/forbidden
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.94 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-94.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 6f4cbb57424c17f94fae1d9e0bc37ca4c176421942961c6661fac7c19ca66106

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ggadskuat1.shop/

Response headers

content-encoding: br
x-amz-version-id: hhcLDxU80CIHxHQRal5xJ7lGn44du7VY
etag: W/"7e85d53a9ebd8c116f4414e9bc7146c8"
expires: Sat, 05 Oct 2024 23:03:44 GMT
x-amz-cf-id: rMvEoHEV7sblYgvQPVyNH6061RWkZ3xjxa2skx7vHl3o_TUwmHEJkw==
date: Sat, 05 Oct 2024 15:03:44 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 03 Oct 2024 13:21:47 GMT
vary: Accept-Encoding
cache-control: max-age=28800
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 26990
x-amz-cf-pop: FRA60-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 489022636940960 Show response
connect.facebook.net/signals/config/ 76 KB
15 KB 131ms
131ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/489022636940960?v=2.9.170&r=stable&domain=ggadskuat1.shop&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

395d421a77c0fc4119778d92f7354b2e8efc0aca7183040b0d5c720070156132

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ggadskuat1.shop/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=10m
date: Sat, 05 Oct 2024 15:03:44 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=74, mss=1232, tbw=67317, tp=63, tpl=0, uplat=108, ullat=0
pragma: public
x-fb-debug: Ody13mkQu01xNI3gTWlVGyFpi3sdRsFoWAwnINGGmlHaliO77Lwo4Aa6Lt1SbLqfGIME8Gvm3lEkXnQvtr3eMg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3

403

forbidden Show response
ggadskuat1.shop/
Redirect Chain

https://ggadskuat1.shop/paymentService
https://ggadskuat1.shop/forbidden

26 KB
9 KB

348ms
347ms

XHR
text/html

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ggadskuat1.shop/forbidden

Requested by

Host: ggadskuat1.shop
URL: https://ggadskuat1.shop/forbidden

Protocol

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c3b66bb1d55dae1ccbbc7ac74a15620ef0ae276f502cdcdebf7584ca5a79372

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ws: wss: http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ggadskuat1.shop/forbidden

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PxdTEx3GQJeOHLG%2BFawBY1juFJu3KDeyFiPDZMAyv0gVZEK%2F91%2BFlITnLYgpPmJBaTL5bHaWT2DD3RDQrVSm2ZWHw%2BoAMdqhsDHggHOSTn7WyV4FEs2INyAT9%2BrvOpXitLk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Sat, 05 Oct 2024 15:03:44 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000
content-security-policy: default-src 'self' ws: wss: http: https: data: blob: 'unsafe-inline'
cache-control: no-cache, private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8cde4cd69f0bd0d5-AMS
x-xss-protection: 1;mode=block
server: cloudflare

Redirect headers

cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t8m8NscpwKeobV5NwDSlVHIVIDtt1RhlT8u1%2FajhORShfURyzWDqs662X729NTVJvm7RewFfB5EcfHgMv1zh9aEyo9%2FmoAjy0zMA1YWiqaFSaFBAyEAU%2FeLkDlLo60TdRZg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Sat, 05 Oct 2024 15:03:44 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000
content-security-policy: default-src 'self' ws: wss: http: https: data: blob: 'unsafe-inline'
cache-control: no-cache, private
location: https://ggadskuat1.shop/forbidden
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8cde4cd49cb0d0d5-AMS
x-xss-protection: 1;mode=block
server: cloudflare

GET
H2 200 get_dynamic_configuration Show response
api.livechatinc.com/v3.6/customer/action/ 386 B
602 B 245ms
169ms Script
application/javascript 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?license_id=16502112&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2Fggadskuat1.shop%2Fforbidden&channel_type=code&jsonp=__8z1lr4re0t6

Requested by

Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

Resource Hash

ea67b7dc0417f27a71887313ff79a52ca840dfff45d87519f3b07b80917aeab2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://ggadskuat1.shop/;
X-Frame-Options	allow-from https://ggadskuat1.shop/

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ggadskuat1.shop/

Response headers

content-security-policy: frame-ancestors https://ggadskuat1.shop/;
content-length: 386
date: Sat, 05 Oct 2024 15:03:44 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
x-frame-options: allow-from https://ggadskuat1.shop/

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 76ms
23ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=489022636940960&ev=PageView&dl=https%3A%2F%2Fggadskuat1.shop%2Fforbidden&rl=https%3A%2F%2Fasall-jadi76.shop%2F&if=false&ts=1728140624211&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=12318&fbp=fb.1.1728140624209.942672256339931916&cs_est=true&ler=other&cdl=API_unavailable&it=1728140624064&coo=false&rqm=GET

Requested by

Host: ggadskuat1.shop
URL: https://ggadskuat1.shop/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ggadskuat1.shop/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=10, mss=1297, tbw=2912, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sat, 05 Oct 2024 15:03:44 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 253ms
201ms Image
image/png 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=489022636940960&ev=PageView&dl=https%3A%2F%2Fggadskuat1.shop%2Fforbidden&rl=https%3A%2F%2Fasall-jadi76.shop%2F&if=false&ts=1728140624211&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=12318&fbp=fb.1.1728140624209.942672256339931916&cs_est=true&ler=other&cdl=API_unavailable&it=1728140624064&coo=false&rqm=FGET

Requested by

Host: ggadskuat1.shop
URL: https://ggadskuat1.shop/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ggadskuat1.shop/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7422307464313730621"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 05 Oct 2024 15:03:44 GMT
content-type: image/png
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7422307464313730621", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-debug: QC1g3mFUQNpkz8GpruknSJWxuQlN6YPJvjXTyLA1W56UPOYY5W4GL4MQs1XM/qfPAF8AwVY9qDMitspsN5CdNg==
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=10, mss=1297, tbw=3230, tp=-1, tpl=-1, uplat=176, ullat=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 get_configuration Show response
api.livechatinc.com/v3.4/customer/action/ 6 KB
2 KB 201ms
201ms Script
application/javascript 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.4/customer/action/get_configuration?organization_id=f95f65de-5ced-4beb-a5c0-1dd165bcfcb7&version=396.0.2.15.149.264.9.3.1.5.1.45.2&group_id=0&jsonp=__lc_static_config
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-170.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1ae36a3743279fb201e64ed19c1240900b8976686797fe493bb46c6536fc6dd8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ggadskuat1.shop/

Response headers

cache-control: public, max-age=600
content-encoding: gzip
cross-origin-resource-policy: cross-origin
deprecation: 2024-11-30
expires: Sat, 05 Oct 2024 15:13:44 GMT
content-length: 2154
date: Sat, 05 Oct 2024 15:03:44 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding

GET
H/1.1 200
OK open_chat
secure.livechatinc.com/customer/action/ Frame CA2E 0
0 625ms
543ms Document
text/html 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=16502112&group=0&embedded=1&widget_version=3&unique_groups=0&use_parent_storage=1
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-170.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: https://ggadskuat1.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 746
Content-Type: text/html; charset=utf-8
Date: Sat, 05 Oct 2024 15:03:45 GMT
Vary: Accept-Encoding
cross-origin-resource-policy: cross-origin

GET
H2 200 get_localization Show response
api.livechatinc.com/v3.4/customer/action/ 12 KB
4 KB 535ms
534ms Script
application/javascript 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.4/customer/action/get_localization?organization_id=f95f65de-5ced-4beb-a5c0-1dd165bcfcb7&version=470b74842e9d45ce9f156d1d5a957bad_151c5f77def5a3a6c07a4af93c84a600&language=id&group_id=0&jsonp=__lc_localization
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-170.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6106adbd82bdb7f22dd48884c999462b70afaf45a06e12e2896f90e804e646cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ggadskuat1.shop/

Response headers

cache-control: public, max-age=600
content-encoding: gzip
cross-origin-resource-policy: cross-origin
deprecation: 2024-11-30
expires: Sat, 05 Oct 2024 15:13:45 GMT
content-length: 4200
date: Sat, 05 Oct 2024 15:03:45 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding

GET favicon-390104527.png
images.linkcdn.cloud/V2/1322/favicon/ 0
0

GET
H2 200 3f5550cc21e03f2b58315f7624c3f9a3.gif
cdn.livechat-files.com/api/file/lc/main/16502112/0/ec/ 252 KB
0 37ms
36ms Image
image/gif 23.38.98.94
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.livechat-files.com/api/file/lc/main/16502112/0/ec/3f5550cc21e03f2b58315f7624c3f9a3.gif
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.94 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-94.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ggadskuat1.shop/

Response headers

cache-control: private, max-age=46410
access-control-allow-origin: *
content-length: 1001510
date: Sat, 05 Oct 2024 15:03:47 GMT
content-type: image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: images.linkcdn.cloud
URL: https://images.linkcdn.cloud/global/error/flag/eg.png

Domain: images.linkcdn.cloud
URL: https://images.linkcdn.cloud/global/error/flag/id.png

Domain: images.linkcdn.cloud
URL: https://images.linkcdn.cloud/global/error/flag/ph.png

Domain: images.linkcdn.cloud
URL: https://images.linkcdn.cloud/global/error/flag/th.png

Domain: images.linkcdn.cloud
URL: https://images.linkcdn.cloud/global/error/flag/cn.png

Domain: images.linkcdn.cloud
URL: https://images.linkcdn.cloud/global/error/flag/vn.png

Domain: images.linkcdn.cloud
URL: https://images.linkcdn.cloud/global/error/flag/br.png

Domain: images.linkcdn.cloud
URL: https://images.linkcdn.cloud/global/error/bod_forbiden.jpg

Domain: images.linkcdn.cloud
URL: https://images.linkcdn.cloud/V2/1322/favicon/favicon-390104527.png

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.accounts.livechatinc.com/v2/customer/token	1970-01-21 09:38:20	Name: __lc_cid Value: ca82f955-49d0-4dcc-a915-90c51221e178
.accounts.livechatinc.com/v2/customer/token	1970-01-21 09:38:20	Name: __lc_cst Value: 92e4098d24fca3e0488963ce093ecb3ade2ddc793667832477f59a1f5e6fe20c0d343de0741517342406fe61bbde5c51e1343cce64a6eac447af56e9e26e
.accounts.livechatinc.com/customer/token	1970-01-21 09:38:20	Name: __lc_cid Value: ca82f955-49d0-4dcc-a915-90c51221e178
.accounts.livechatinc.com/customer/token	1970-01-21 09:38:20	Name: __lc_cst Value: 92e4098d24fca3e0488963ce093ecb3ade2ddc793667832477f59a1f5e6fe20c0d343de0741517342406fe61bbde5c51e1343cce64a6eac447af56e9e26e
.linkcdn.cloud/	1970-01-21 00:02:22	Name: __cf_bm Value: 6WePoIBlFCLgjtsG36xJzgrg7t8Irtp1KAelZl07fl0-1728140623-1.0.1.1-Ja9WQzusmU.2VcBmPf3m9zaM1.3pPfQTd0X2DAp4OqxZzfpaEzvUqvzDBEyl7NyTm9ovPEJwyHT8gyC.pu9rxg
.ggadskuat1.shop/	1970-01-21 02:11:56	Name: _fbp Value: fb.1.1728140624209.942672256339931916
ggadskuat1.shop/	1970-01-21 00:02:27	Name: XSRF-TOKEN Value: eyJpdiI6IlRkM1Q3dFoyZzJoSDdub1MyT1E2Wnc9PSIsInZhbHVlIjoiRjZtNEtsRjJoVEZXY0YyMnpCN0lBNS8xL1lNSWx4ZzJSS21NMlFCUzBvM3JhQ3p3S1J5dmdITGVYVVZKVGM1L09yazBCMjB5NFgzbVVkb3IzR0RlNExjKy9TNGE3UnFMUmZnYi9hRW5KMUE5Y2kvRGpkV1I0VFZEaDJSbGttNlMiLCJtYWMiOiI5MTI5YWM1MjQzMDk3OGUyZTgzYTAzOGU4ZmIxNjhhMGU4ZTgyMTVhYzY0ODEzNzUwYTJkYWY5NzZmYjkxNDA0IiwidGFnIjoiIn0%3D
ggadskuat1.shop/	1970-01-21 00:02:27	Name: mpoplay_frontend_session Value: eyJpdiI6IkI0QU5oSVRDenBiT3k5enVQanhBcGc9PSIsInZhbHVlIjoiQnlLNmRENUVWbEN4T2ZFNUNtRWtZRnpXb0o3ZzVETWFtc1JxYkEwRll4YmF4MkUyNUVkbkUzTTVSalNMNFRGcE9hK0RRNmQyWTA0MlY0VXhENy83VTh1VXllNC9Tck4wTXFtZ0J1RmxQZ0xsOUd0TE1DMGRLZ2F6RS9aK1JuYTgiLCJtYWMiOiJlMzQ1NDYxNmQxNWJhZjYzMTQzMTA3ZjIxOTM2ZDE3YThmMDUwNDgzYTkyMTYzODgxODg1ZWVhZGVjNzBkODQyIiwidGFnIjoiIn0%3D
ggadskuat1.shop/	1970-01-21 00:02:38	Name: modal1322 Value: eyJpdiI6IjlhR3I5R29jWElFV09GRytvdEVZRVE9PSIsInZhbHVlIjoiQlNXQ3Q5bkJUNjdqMW5WdEhDUGlhZnZueGswMUltRmtzTmRxRVYzTTZLS2JiYm1CSDByekVPcW96ek5Pb0RicSIsIm1hYyI6IjIzZjc2YmRlMDNlZDM4MThkZjA4YWJjMDViYWMwZWI0ZGIzZTE2ZDFkOTQ2Y2U3ZmU3ODNmYmM4ZmRkMWZmMTAiLCJ0YWciOiIifQ%3D%3D
accounts.livechatinc.com/	1970-01-21 00:02:20	Name: __oauth_redirect_detector Value: counter=1&t=1728140655&tag=1ec5b4652769391ffbe48020d43326952c324920

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://asall-jadi76.shop/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ggadskuat1.shop/forbidden Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://ggadskuat1.shop/forbidden Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.livechatinc.com
asall-jadi76.shop
blogger.googleusercontent.com
cdn.livechat-files.com
cdn.livechatinc.com
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
gengg777ads2.shop
ggadskuat1.shop
images.linkcdn.cloud
lottie.host
secure.livechatinc.com
shorturl.at
unpkg.com
www.facebook.com
www.shorturl.at
images.linkcdn.cloud
104.17.25.14
142.250.184.227
157.240.251.9
162.0.217.29
188.114.96.3
188.114.97.3
23.38.98.94
2606:4700:20::ac43:4558
2606:4700:4400::6812:21ce
2606:4700::6811:f6cb
2a00:1450:4001:80b::2001
2a00:1450:4001:82a::200a
2a03:2880:f176:181:face:b00c:0:25de
95.101.111.170
04324f621defc72007c4e635cfd12903161b5f8aa1067ad5f619314fc153be56
0c3b66bb1d55dae1ccbbc7ac74a15620ef0ae276f502cdcdebf7584ca5a79372
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
11f490f5fa9e6dc8a684924cf4bb6afd8f7201db74e11f66e9a17c167788fdf3
1ae36a3743279fb201e64ed19c1240900b8976686797fe493bb46c6536fc6dd8
31718b8627a3c75665a9976a63a9ba5a16d8a8ff394012313261999cda4cf8fa
395d421a77c0fc4119778d92f7354b2e8efc0aca7183040b0d5c720070156132
406c2b0cf20e0f7a831f2955b12b27947e5032827c3735c8b15d8bb4213086d9
48ba1993011db4834882d81b2153753437607292f704a6543d4466c0f6d1372a
536fd20c8bafa2723e13150c9c97b47dcd121eead4ca3e416ab2c4cebe7447d2
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
582f30052a21ed6fff0fc7d7b3620ed8ee8a5ad6e5429eb2b47662217118f151
5c8634ddaaf99ec97188383a21c1e465c6c8311b8de182a3a2a362778d64123f
6106adbd82bdb7f22dd48884c999462b70afaf45a06e12e2896f90e804e646cf
61bed2b3d6f7e7c9422e3ca4161424794870b3514050ee5c38d8df91bbd1f933
6733d4eeda26305a15bdd02041dde70c404c522d7208f815a0d911c83d653ea9
68b594d79a955d4237d365555d137be2842068c263d444f583556ee1f9a8cbc1
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
6b85bc80cf0cc49cdef6de514d671b2af8794334e45a443e4e2b2b4943946174
6ed55b9c0bd82bec88170bafb79bb3c264b7af06a82c2e10e9b2944f1716af78
6f4cbb57424c17f94fae1d9e0bc37ca4c176421942961c6661fac7c19ca66106
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba
91230f90004e3b3ece62e68e0c309ace208eb336ed34512c97865cd0d1c0cc61
960a3305e289a5caa0f40e1c6ec82dbbd17cf7278e3a4272a8cf3cc1603b13d7
9a83115d983bb1324c79a41db6d60d85583835c268939115a41025b4d388f3fa
a471555529d40fa30e3bf4211032a1fbb9e831a8d4391767af4f35153095488c
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea67b7dc0417f27a71887313ff79a52ca840dfff45d87519f3b07b80917aeab2
f6e12d23b767df2e04febac18954dee965c50beeb4033cc14d8db075623978b7
f8110a988bd0e88b0bf2c1dcbe276d0eb34e7593b70bd2ed14fb45d87d1d3872

ggadskuat1.shop Open in urlscan Pro 188.114.96.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

46 Requests

72 %HTTPS

43 %IPv6

15 Domains

18 Subdomains

13 IPs

4 Countries

1412 kBTransfer

3121 kBSize

10 Cookies

3 Outgoing links

Page URL History

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ggadskuat1.shop Open in urlscan Pro
188.114.96.3 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

72 %
HTTPS

43 %
IPv6

15
Domains

18
Subdomains

13
IPs

4
Countries

1412 kB
Transfer

3121 kB
Size

10
Cookies

46 HTTP transactions
0 data transactions