21bfcgfjtf.shop Open in urlscan Pro
104.21.76.190  Public Scan

12 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response 21bfcgfjtf.shop/	811 KB 171 KB	1044ms 1006ms	Document text/html	104.21.76.190 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://21bfcgfjtf.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.76.190 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 68d1a0d295c582b769058968cbe0602696f10c99dfb0c95204a2db81075dc0ee Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language en-US,en;q=0.9 Response headers access-control-allow-origin * access-control-expose-headers Authorization alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 83ddb1e40fd942bd-EWR content-encoding br content-language en-US content-type text/html; charset=utf-8 date Sat, 30 Dec 2023 22:24:47 GMT expect-ct max-age=0 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} referrer-policy no-referrer report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zhx3F2TNv87TtXBkMIBGcJL9INRFLzGV0lOYSAuJeCR%2FS3nvr2lPY5t4gDV4nHhIa9pXICDunhJe30QdjWRpmEoeiDlMoi17JvsINSSbhoGu%2FLaN6E4hvvkvr7jHTEESc74%3D"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff x-dns-prefetch-control off x-download-options noopen x-permitted-cross-domain-policies none x-xss-protection 0
GET H2	200	css fonts.googleapis.com/	22 KB 2 KB	60ms 25ms	Stylesheet text/css	2607:f8b0:4004:c1d::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700,300italic,400italic,600italic,700italic|Montserrat:400,700 Requested by Host: 21bfcgfjtf.shop URL: https://21bfcgfjtf.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash ab780c5d716692f461635aefb77cf13df4879b1deee40720f1ce4de096c974b5 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 30 Dec 2023 22:24:49 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 30 Dec 2023 22:12:28 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 30 Dec 2023 22:24:49 GMT
GET H2	200	0dlWE_QVFZap5747g6SRI-ZN4kHxJCZT4l66vP6BGe1SirTZ8Amq5sv_sFPoo_Gvyqc play-lh.googleusercontent.com/	209 KB 209 KB	189ms 155ms	Image image/png	2607:f8b0:4004:c09::77 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://play-lh.googleusercontent.com/0dlWE_QVFZap5747g6SRI-ZN4kHxJCZT4l66vP6BGe1SirTZ8Amq5sv_sFPoo_Gvyqc Requested by Host: 21bfcgfjtf.shop URL: https://21bfcgfjtf.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::77 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 57a10f7967e30c225ec9c268cdcb821dcf2e3fdde4ad9872a5749c42e85ca64a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 30 Dec 2023 22:24:49 GMT x-content-type-options nosniff server fife etag "v1" vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="unnamed.png" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 213887 x-xss-protection 0 expires Sun, 31 Dec 2023 22:24:49 GMT
GET H2	200	hdu5mOuel9l0MTvAsl-hUJrqqC0ToHOHLvi4VWa2JCC_3aBcD22LGDhWbIuNUSO6SOs play-lh.googleusercontent.com/	144 KB 144 KB	56ms 53ms	Image image/png	2607:f8b0:4004:c09::77 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://play-lh.googleusercontent.com/hdu5mOuel9l0MTvAsl-hUJrqqC0ToHOHLvi4VWa2JCC_3aBcD22LGDhWbIuNUSO6SOs Requested by Host: 21bfcgfjtf.shop URL: https://21bfcgfjtf.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::77 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash c328ba7faede64f765dd45592133831569591626b5f5789572f63102f4e1551d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 30 Dec 2023 22:24:49 GMT x-content-type-options nosniff server fife etag "v1" vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="unnamed.png" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 147476 x-xss-protection 0 expires Sun, 31 Dec 2023 22:24:49 GMT
GET H2	200	B0A0jpV-5EZ1xMCT4ZR731s_wjBCnJvl8Bxh4O6BFDdHxIYhhx4kxGaNFkjV97kRLDA play-lh.googleusercontent.com/	191 KB 191 KB	91ms 89ms	Image image/png	2607:f8b0:4004:c09::77 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://play-lh.googleusercontent.com/B0A0jpV-5EZ1xMCT4ZR731s_wjBCnJvl8Bxh4O6BFDdHxIYhhx4kxGaNFkjV97kRLDA Requested by Host: 21bfcgfjtf.shop URL: https://21bfcgfjtf.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::77 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 817c111164e32384ef6e89499f04e7fd589a645bc7baf8e67317684618645f78 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 30 Dec 2023 22:24:49 GMT x-content-type-options nosniff server fife etag "v1" vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="unnamed.png" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 195897 x-xss-protection 0 expires Sun, 31 Dec 2023 22:24:49 GMT
GET H2	200	Hd14v94aAyYLpVMpIZqzxv1Bri17fc2Q5Kd8UZ0sZ7a9rGy87PEGtbz17C-cnwnFC7kM play-lh.googleusercontent.com/	182 KB 182 KB	60ms 57ms	Image image/png	2607:f8b0:4004:c09::77 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://play-lh.googleusercontent.com/Hd14v94aAyYLpVMpIZqzxv1Bri17fc2Q5Kd8UZ0sZ7a9rGy87PEGtbz17C-cnwnFC7kM Requested by Host: 21bfcgfjtf.shop URL: https://21bfcgfjtf.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::77 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 2c935b08c90c431cde1698446153895285b6b3a269b53f76f4ddf56078bec9fd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 30 Dec 2023 22:24:49 GMT x-content-type-options nosniff server fife etag "v1" vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="unnamed.png" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 185945 x-xss-protection 0 expires Sun, 31 Dec 2023 22:24:49 GMT
GET H2	200	mR9RobfiX0EDOC-eegxHlvt2IqzJ0gib2sgibnUvdAfThz1M2MbxwGBr53uHDikgKAs play-lh.googleusercontent.com/	45 KB 45 KB	75ms 73ms	Image image/jpeg	2607:f8b0:4004:c09::77 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://play-lh.googleusercontent.com/mR9RobfiX0EDOC-eegxHlvt2IqzJ0gib2sgibnUvdAfThz1M2MbxwGBr53uHDikgKAs Requested by Host: 21bfcgfjtf.shop URL: https://21bfcgfjtf.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::77 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash bcf2f9d50dd1716f9d12877e6d943685440beae09e6e02e61661d7732baf4706 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 30 Dec 2023 22:24:49 GMT x-content-type-options nosniff server fife etag "v1" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="unnamed.jpg" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 46440 x-xss-protection 0 expires Sun, 31 Dec 2023 22:24:49 GMT
GET H2	200	TL9xxi2TxvpXMBgS3GnLVvuIvYt1lIBsVM6GcIRGXiPV5xF_tew20ldpdgLHMe81qJs play-lh.googleusercontent.com/	43 KB 43 KB	85ms 83ms	Image image/jpeg	2607:f8b0:4004:c09::77 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://play-lh.googleusercontent.com/TL9xxi2TxvpXMBgS3GnLVvuIvYt1lIBsVM6GcIRGXiPV5xF_tew20ldpdgLHMe81qJs Requested by Host: 21bfcgfjtf.shop URL: https://21bfcgfjtf.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::77 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 1039d253c35cb842b93bbe8e186270446977d3f4902b7eb68b5352c1ca64b3db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 30 Dec 2023 22:24:49 GMT x-content-type-options nosniff server fife etag "v1" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="unnamed.jpg" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43946 x-xss-protection 0 expires Sun, 31 Dec 2023 22:24:49 GMT
GET H2	200	r6xe7oSxafvj08r71GhFxlHoGeGnTlbB2vj1Uk7qVQQdkRL49t7gvBgitVldWZ7--PXo play-lh.googleusercontent.com/	193 KB 193 KB	74ms 72ms	Image image/png	2607:f8b0:4004:c09::77 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://play-lh.googleusercontent.com/r6xe7oSxafvj08r71GhFxlHoGeGnTlbB2vj1Uk7qVQQdkRL49t7gvBgitVldWZ7--PXo Requested by Host: 21bfcgfjtf.shop URL: https://21bfcgfjtf.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::77 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash a8aeaa70114da78ae7519b2156a93cd3447a1d073f4f5a1e57ed4c3c31732e17 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 30 Dec 2023 22:24:49 GMT x-content-type-options nosniff server fife etag "v1" vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="unnamed.png" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 197398 x-xss-protection 0 expires Sun, 31 Dec 2023 22:24:49 GMT
GET H2	200	ilxYNNutFV2-B4wSUh7F4Yfjpu49yLMSl7z_8zH01eHSCKRiCEBFMdHFKrmpb5Ilc98 play-lh.googleusercontent.com/	200 KB 200 KB	35ms 33ms	Image image/png	2607:f8b0:4004:c09::77 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://play-lh.googleusercontent.com/ilxYNNutFV2-B4wSUh7F4Yfjpu49yLMSl7z_8zH01eHSCKRiCEBFMdHFKrmpb5Ilc98 Requested by Host: 21bfcgfjtf.shop URL: https://21bfcgfjtf.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::77 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash bbd628f7158d95b358fde739ee0870f062d20d32aef5a95a0a9bfa84b3db3619 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 30 Dec 2023 22:24:49 GMT x-content-type-options nosniff server fife etag "v1" vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="unnamed.png" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 204869 x-xss-protection 0 expires Sun, 31 Dec 2023 22:24:49 GMT
GET H2	200	USjB2-glufBKkV6x7am1Xe6tBOLLBTY9zeqG7kl6TJhJLzwB7dQuUFDP8GFzw4pJMXI play-lh.googleusercontent.com/	158 KB 158 KB	93ms 92ms	Image image/png	2607:f8b0:4004:c09::77 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://play-lh.googleusercontent.com/USjB2-glufBKkV6x7am1Xe6tBOLLBTY9zeqG7kl6TJhJLzwB7dQuUFDP8GFzw4pJMXI Requested by Host: 21bfcgfjtf.shop URL: https://21bfcgfjtf.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::77 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash b09da18cac6fcafad2980e0a00dfda107ccd489633defcfbf9c8571c9ab3f0f0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 30 Dec 2023 22:24:49 GMT x-content-type-options nosniff server fife etag "v1" vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="unnamed.png" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 162141 x-xss-protection 0 expires Sun, 31 Dec 2023 22:24:49 GMT
GET H2	200	F2tshfWRe2FkeuIyGDr5-CgrRqqr8qXXSMh3A3XrxSf183ubvkDSmkk4GR2l0_M-qA play-lh.googleusercontent.com/	158 KB 158 KB	95ms 94ms	Image image/png	2607:f8b0:4004:c09::77 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://play-lh.googleusercontent.com/F2tshfWRe2FkeuIyGDr5-CgrRqqr8qXXSMh3A3XrxSf183ubvkDSmkk4GR2l0_M-qA Requested by Host: 21bfcgfjtf.shop URL: https://21bfcgfjtf.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::77 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 99cbd655d0360cfab8ea552e25e476a19419508b1674a5dd58caed74f2672051 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 30 Dec 2023 22:24:49 GMT x-content-type-options nosniff server fife etag "v1" vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="unnamed.png" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 161941 x-xss-protection 0 expires Sun, 31 Dec 2023 22:24:49 GMT
GET H2	200	YhbvBfA26meF0cPuXb-Eg8gdcpKaul1RkPgnLAFgKzWfpkyCXhn-cWe8nO4GkOyKcsc play-lh.googleusercontent.com/	198 KB 198 KB	88ms 87ms	Image image/png	2607:f8b0:4004:c09::77 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://play-lh.googleusercontent.com/YhbvBfA26meF0cPuXb-Eg8gdcpKaul1RkPgnLAFgKzWfpkyCXhn-cWe8nO4GkOyKcsc Requested by Host: 21bfcgfjtf.shop URL: https://21bfcgfjtf.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::77 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash e7a9be1a32bb6eabc7a0fc6fe135a3e82e63dd913479e21d4084beae5404f79b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 30 Dec 2023 22:24:49 GMT x-content-type-options nosniff server fife etag "v1" vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="unnamed.png" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 202697 x-xss-protection 0 expires Sun, 31 Dec 2023 22:24:49 GMT
GET H2	200	sbFNUg4u7EgzES8dOeK2xr-DKLeHkkw7FX4JuVWJVnLrNI9VK7IZ75AOdn_rovsvxqk play-lh.googleusercontent.com/	208 KB 209 KB	100ms 99ms	Image image/png	2607:f8b0:4004:c09::77 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://play-lh.googleusercontent.com/sbFNUg4u7EgzES8dOeK2xr-DKLeHkkw7FX4JuVWJVnLrNI9VK7IZ75AOdn_rovsvxqk Requested by Host: 21bfcgfjtf.shop URL: https://21bfcgfjtf.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::77 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash bd9629841b0a1b8ee88c7d634775e546e52300642eed92ce583e92a28419c576 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 30 Dec 2023 22:24:49 GMT x-content-type-options nosniff server fife etag "v1" vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="unnamed.png" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 213440 x-xss-protection 0 expires Sun, 31 Dec 2023 22:24:49 GMT
GET H2	200	fontawesome-webfont.woff2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/	75 KB 76 KB	38ms 16ms	Font application/octet-stream	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2 Requested by Host: 21bfcgfjtf.shop URL: https://21bfcgfjtf.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://21bfcgfjtf.shop/ Origin https://21bfcgfjtf.shop accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 30 Dec 2023 22:24:49 GMT strict-transport-security max-age=15780000 x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 872526 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 77160 last-modified Mon, 04 May 2020 16:10:07 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e5f-12d68" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y9yAg0vidqkVcJKhIyz5MjBSuUrHbL7NAYmq0D1hmD%2FlQenlK86Jz3V7GbKUsqEJGUYIJwTLkPiGikaRs%2FHOClk4bCUzIq%2BQugQf%2BPn4jAISfd8ei3%2FEgxyQRBfrD%2BhvBbfZZ7q33%2B7w1z7aQMuohyro"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 83ddb1f5dd7c5e82-EWR expires Thu, 19 Dec 2024 22:24:49 GMT
GET H2	200	JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 fonts.gstatic.com/s/montserrat/v26/	32 KB 33 KB	49ms 17ms	Font font/woff2	2607:f8b0:4004:c19::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700,300italic,400italic,600italic,700italic|Montserrat:400,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c19::5e Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://21bfcgfjtf.shop accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 30 Dec 2023 11:02:00 GMT x-content-type-options nosniff age 40969 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33092 x-xss-protection 0 last-modified Wed, 13 Sep 2023 22:51:58 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 29 Dec 2024 11:02:00 GMT
GET H2	200	ACB-R5TTemPs2jY3GkI_Ei-EM4dTnTqBzaaTghewuGMr play-lh.googleusercontent.com/a-/	457 KB 457 KB	86ms 81ms	Image image/png	2607:f8b0:4004:c09::77 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://play-lh.googleusercontent.com/a-/ACB-R5TTemPs2jY3GkI_Ei-EM4dTnTqBzaaTghewuGMr Requested by Host: 21bfcgfjtf.shop URL: https://21bfcgfjtf.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::77 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 5bba5deebcb9816b86637fe82c44e77f8bedeccf6796e1f255b153d2a54ffb1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 30 Dec 2023 22:24:49 GMT x-content-type-options nosniff server fife etag "v19" vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="unnamed.png" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 467496 x-xss-protection 0 expires Sun, 31 Dec 2023 22:24:49 GMT
GET H2	200	ACB-R5Rm3nDnXl9bfLbPWVhvBi4rbpKHsWdNivcc6sbd play-lh.googleusercontent.com/a-/	12 KB 12 KB	81ms 77ms	Image image/jpeg	2607:f8b0:4004:c09::77 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://play-lh.googleusercontent.com/a-/ACB-R5Rm3nDnXl9bfLbPWVhvBi4rbpKHsWdNivcc6sbd Requested by Host: 21bfcgfjtf.shop URL: https://21bfcgfjtf.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::77 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash ee7aead624b5994a1062f40afb2246a239449512ca92982a7b28f7a5f3475561 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 30 Dec 2023 22:24:49 GMT x-content-type-options nosniff server fife etag "v5" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="unnamed.jpg" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11920 x-xss-protection 0 expires Sun, 31 Dec 2023 22:24:49 GMT
GET H2	200	ACB-R5SHDg60DLFAiSJUqOPThMicmu4emvQavHFwLNOnUQ play-lh.googleusercontent.com/a-/	11 KB 11 KB	86ms 83ms	Image image/jpeg	2607:f8b0:4004:c09::77 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://play-lh.googleusercontent.com/a-/ACB-R5SHDg60DLFAiSJUqOPThMicmu4emvQavHFwLNOnUQ Requested by Host: 21bfcgfjtf.shop URL: https://21bfcgfjtf.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::77 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash f5b36254db268b86cbaa4c7eba8b29e4bc6e5795a966bd09606049e69b421773 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 30 Dec 2023 22:24:49 GMT x-content-type-options nosniff server fife etag "v60c" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="unnamed.jpg" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11529 x-xss-protection 0 expires Sun, 31 Dec 2023 22:24:49 GMT
GET H2	200	AGNmyxY1F5aEBPQebFzhWjmQR22GrMtjq8Lh9misE4W8Sw=mo play-lh.googleusercontent.com/a/	2 KB 2 KB	83ms 80ms	Image image/png	2607:f8b0:4004:c09::77 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://play-lh.googleusercontent.com/a/AGNmyxY1F5aEBPQebFzhWjmQR22GrMtjq8Lh9misE4W8Sw=mo Requested by Host: 21bfcgfjtf.shop URL: https://21bfcgfjtf.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::77 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash c5f696818670a12c20a7c872a1b2c16d2be0b8826d55d4e41700a1a077c0dbc8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 30 Dec 2023 22:24:49 GMT x-content-type-options nosniff server fife vary Origin content-type image/png access-control-expose-headers Content-Length cache-control private, max-age=86400, no-transform content-disposition inline;filename="unnamed.png" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2142 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ACB-R5RHFoybrDwjv2uX9grS7VHEP7yUHLL6JXPUEQ25 play-lh.googleusercontent.com/a-/	111 KB 112 KB	86ms 82ms	Image image/png	2607:f8b0:4004:c09::77 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://play-lh.googleusercontent.com/a-/ACB-R5RHFoybrDwjv2uX9grS7VHEP7yUHLL6JXPUEQ25 Requested by Host: 21bfcgfjtf.shop URL: https://21bfcgfjtf.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::77 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 97b94ec3fbde9c6c67516b1ea90f924d223961d32f9f8e07ac547bc829c05601 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 30 Dec 2023 22:24:49 GMT x-content-type-options nosniff server fife etag "v19" vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="unnamed.png" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 114095 x-xss-protection 0 expires Sun, 31 Dec 2023 22:24:49 GMT
GET H2	200	ACB-R5QZ2CIK8PpZ565HF3sHkuBHfv40jfpCm887zble play-lh.googleusercontent.com/a-/	49 KB 49 KB	83ms 80ms	Image image/jpeg	2607:f8b0:4004:c09::77 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://play-lh.googleusercontent.com/a-/ACB-R5QZ2CIK8PpZ565HF3sHkuBHfv40jfpCm887zble Requested by Host: 21bfcgfjtf.shop URL: https://21bfcgfjtf.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::77 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 961d4de4f647782474630dd6588a92b20783327333f1cfd2349c5a322706b988 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 30 Dec 2023 22:24:49 GMT x-content-type-options nosniff server fife etag "v1e" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="unnamed.jpg" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 50345 x-xss-protection 0 expires Sun, 31 Dec 2023 22:24:49 GMT
GET H2	200	ACB-R5Q_kLROv4WiVr-tZn9xzClsDtlg6-rBind2AVBV play-lh.googleusercontent.com/a-/	69 KB 69 KB	81ms 79ms	Image image/jpeg	2607:f8b0:4004:c09::77 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://play-lh.googleusercontent.com/a-/ACB-R5Q_kLROv4WiVr-tZn9xzClsDtlg6-rBind2AVBV Requested by Host: 21bfcgfjtf.shop URL: https://21bfcgfjtf.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::77 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 1d0bddeb53fbf081d840237f18300d63043508dd74f3a5deb218814a78f7e168 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 30 Dec 2023 22:24:49 GMT x-content-type-options nosniff server fife etag "v20ce" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="unnamed.jpg" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 70471 x-xss-protection 0 expires Sun, 31 Dec 2023 22:24:49 GMT
GET H2	200	AGNmyxa158x_IbPQ3VAbjH4gArhi9pCI1RGABLpMK6Zi=mo play-lh.googleusercontent.com/a/	7 KB 7 KB	82ms 81ms	Image image/png	2607:f8b0:4004:c09::77 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://play-lh.googleusercontent.com/a/AGNmyxa158x_IbPQ3VAbjH4gArhi9pCI1RGABLpMK6Zi=mo Requested by Host: 21bfcgfjtf.shop URL: https://21bfcgfjtf.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::77 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 9b7aac872043d4855961d0207f399bf0360b7a1839a88bd4f5bdfd598055ea45 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 30 Dec 2023 22:24:49 GMT x-content-type-options nosniff server fife vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="unnamed.png" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7526 x-xss-protection 0 expires Sun, 31 Dec 2023 22:24:49 GMT
GET H2	200	AGNmyxbbKyjHLLgaCjtoj1JsCqzaKEpQ9CgwTSg-EGte=mo play-lh.googleusercontent.com/a/	7 KB 7 KB	80ms 79ms	Image image/png	2607:f8b0:4004:c09::77 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://play-lh.googleusercontent.com/a/AGNmyxbbKyjHLLgaCjtoj1JsCqzaKEpQ9CgwTSg-EGte=mo Requested by Host: 21bfcgfjtf.shop URL: https://21bfcgfjtf.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::77 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 9b7aac872043d4855961d0207f399bf0360b7a1839a88bd4f5bdfd598055ea45 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 30 Dec 2023 22:24:49 GMT x-content-type-options nosniff server fife vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="unnamed.png" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7526 x-xss-protection 0 expires Sun, 31 Dec 2023 22:24:49 GMT
GET H2	200	email-decode.min.js Show response 21bfcgfjtf.shop/cdn-cgi/scripts/5c5dd728/cloudflare-static/	1 KB 1 KB	13ms 11ms	Script application/javascript	104.21.76.190 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://21bfcgfjtf.shop/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Requested by Host: 21bfcgfjtf.shop URL: https://21bfcgfjtf.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.76.190 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 30 Dec 2023 22:24:49 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 19 Dec 2023 14:09:38 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6581a422-4d7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cjTd1AVQWFaxH3QybGp%2BDkTFdiJZyAlnG9cnjdY8GEiN1YgGbL2ryDX9NOYYxb0FmmLhYsnQ%2BImAQHerREZjEKtgKfmc7fWHAt4%2FE6JtkrMNvTDdAZzB6Cy9EHGY07PuvZI%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-frame-options DENY cache-control max-age=172800, public cf-ray 83ddb1f6186a42bd-EWR expires Mon, 01 Jan 2024 22:24:49 GMT
GET H3	200	pbQ8AocS-oBrQi8Ick7XUqlIOr--miRah9BGE_ubm8ceNoGkWbPWR_GcOHSl3iS9cIM play-lh.googleusercontent.com/	169 KB 169 KB	37ms 36ms	Image image/png	2607:f8b0:4004:c09::77 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://play-lh.googleusercontent.com/pbQ8AocS-oBrQi8Ick7XUqlIOr--miRah9BGE_ubm8ceNoGkWbPWR_GcOHSl3iS9cIM Requested by Host: 21bfcgfjtf.shop URL: https://21bfcgfjtf.shop/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c09::77 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 8be5ea7046e35f5fd80dd8baf3888037cf2a39a1360e7ad430ee3fe2ef0f0dc6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://21bfcgfjtf.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 30 Dec 2023 22:24:50 GMT x-content-type-options nosniff server fife etag "v1" vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="unnamed.png" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 173054 x-xss-protection 0 expires Sun, 31 Dec 2023 22:24:50 GMT
GET H3	200	azSqI779j1asFhpxaZWjgauXG5JIrxjfEpGV5SpPZqkSBpzNJFZzrP4BT2Mf7m57s06b play-lh.googleusercontent.com/	182 KB 182 KB	47ms 47ms	Image image/png	2607:f8b0:4004:c09::77 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://play-lh.googleusercontent.com/azSqI779j1asFhpxaZWjgauXG5JIrxjfEpGV5SpPZqkSBpzNJFZzrP4BT2Mf7m57s06b Requested by Host: 21bfcgfjtf.shop URL: https://21bfcgfjtf.shop/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c09::77 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 9a872d55ec84cbff7b62a725ffce3eab9e26b77f69571f0a4a94b14c530957d5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://21bfcgfjtf.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 30 Dec 2023 22:24:50 GMT x-content-type-options nosniff server fife etag "v1" vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="unnamed.png" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 186376 x-xss-protection 0 expires Sun, 31 Dec 2023 22:24:50 GMT
GET H3	200	BHnWjHxwS4sb1Lm6gehJ-iBB1jBUqSPPKdci0YeUP2odbhwMEwYvJaHSkV2FtFOO5a2K play-lh.googleusercontent.com/	139 KB 139 KB	41ms 41ms	Image image/png	2607:f8b0:4004:c09::77 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://play-lh.googleusercontent.com/BHnWjHxwS4sb1Lm6gehJ-iBB1jBUqSPPKdci0YeUP2odbhwMEwYvJaHSkV2FtFOO5a2K Requested by Host: 21bfcgfjtf.shop URL: https://21bfcgfjtf.shop/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c09::77 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash e50cd067cdd0d1a0da270e3f2d71b62aba7767295f0364d36362acf0786bfb47 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://21bfcgfjtf.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 30 Dec 2023 22:24:50 GMT x-content-type-options nosniff server fife etag "v1" vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="unnamed.png" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 142153 x-xss-protection 0 expires Sun, 31 Dec 2023 22:24:50 GMT
GET H3	200	undefined 21bfcgfjtf.shop/	357 B 357 B	874ms 874ms	Image text/html	104.21.76.190 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://21bfcgfjtf.shop/undefined Requested by Host: 21bfcgfjtf.shop URL: https://21bfcgfjtf.shop/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.76.190 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://21bfcgfjtf.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 30 Dec 2023 22:24:51 GMT strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-permitted-cross-domain-policies none content-encoding br x-dns-prefetch-control off alt-svc h3=":443"; ma=86400 x-xss-protection 0 referrer-policy no-referrer server cloudflare x-download-options noopen expect-ct max-age=0 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=96crGzqK09Nfkpoped7iPqPvXU4zNu10e7NvNMAwK8%2FX3Cfj5YZpRoMcUNjZz6aTExZl1%2B5U4B32Kq6ScJY2zE0jIZo4o4rOz62bNjOc8OHVVhQmPXV2RxXfLO3W7KO%2FREY%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 access-control-allow-origin * access-control-expose-headers Authorization content-language en-US cf-ray 83ddb1fc9ddf42d2-EWR

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| Formstone object| CODEXCODER function| $ function| jQuery number| uidEvent object| bootstrap function| Swiper function| WOW

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

21bfcgfjtf.shop
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
play-lh.googleusercontent.com
104.21.76.190
2606:4700::6811:190e
2607:f8b0:4004:c09::77
2607:f8b0:4004:c19::5e
2607:f8b0:4004:c1d::5f
1039d253c35cb842b93bbe8e186270446977d3f4902b7eb68b5352c1ca64b3db
1d0bddeb53fbf081d840237f18300d63043508dd74f3a5deb218814a78f7e168
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2c935b08c90c431cde1698446153895285b6b3a269b53f76f4ddf56078bec9fd
57a10f7967e30c225ec9c268cdcb821dcf2e3fdde4ad9872a5749c42e85ca64a
5bba5deebcb9816b86637fe82c44e77f8bedeccf6796e1f255b153d2a54ffb1f
68d1a0d295c582b769058968cbe0602696f10c99dfb0c95204a2db81075dc0ee
817c111164e32384ef6e89499f04e7fd589a645bc7baf8e67317684618645f78
8be5ea7046e35f5fd80dd8baf3888037cf2a39a1360e7ad430ee3fe2ef0f0dc6
961d4de4f647782474630dd6588a92b20783327333f1cfd2349c5a322706b988
97b94ec3fbde9c6c67516b1ea90f924d223961d32f9f8e07ac547bc829c05601
99cbd655d0360cfab8ea552e25e476a19419508b1674a5dd58caed74f2672051
9a872d55ec84cbff7b62a725ffce3eab9e26b77f69571f0a4a94b14c530957d5
9b7aac872043d4855961d0207f399bf0360b7a1839a88bd4f5bdfd598055ea45
a8aeaa70114da78ae7519b2156a93cd3447a1d073f4f5a1e57ed4c3c31732e17
ab780c5d716692f461635aefb77cf13df4879b1deee40720f1ce4de096c974b5
b09da18cac6fcafad2980e0a00dfda107ccd489633defcfbf9c8571c9ab3f0f0
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bbd628f7158d95b358fde739ee0870f062d20d32aef5a95a0a9bfa84b3db3619
bcf2f9d50dd1716f9d12877e6d943685440beae09e6e02e61661d7732baf4706
bd9629841b0a1b8ee88c7d634775e546e52300642eed92ce583e92a28419c576
c328ba7faede64f765dd45592133831569591626b5f5789572f63102f4e1551d
c5f696818670a12c20a7c872a1b2c16d2be0b8826d55d4e41700a1a077c0dbc8
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50cd067cdd0d1a0da270e3f2d71b62aba7767295f0364d36362acf0786bfb47
e7a9be1a32bb6eabc7a0fc6fe135a3e82e63dd913479e21d4084beae5404f79b
ee7aead624b5994a1062f40afb2246a239449512ca92982a7b28f7a5f3475561
f5b36254db268b86cbaa4c7eba8b29e4bc6e5795a966bd09606049e69b421773