itxdkqkbkbfkkktm.1tw.live Open in urlscan Pro
151.101.1.91 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://itxdkqkbkbfkkktm.1tw.live/
Submission: On April 25 via api (April 25th 2025, 8:57:45 pm UTC) from US — Scanned from US

Summary HTTP 75 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 13 IPs in 2 countries across 8 domains to perform 75 HTTP transactions. The main IP is 151.101.1.91, located in San Francisco, United States and belongs to FASTLY, US. The main domain is itxdkqkbkbfkkktm.1tw.live.
TLS certificate: Issued by R11 on April 24th 2025. Valid for: 3 months.

This is the only time itxdkqkbkbfkkktm.1tw.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 47	151.101.1.91 151.101.1.91	54113 (FASTLY) (FASTLY)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2607:f8b0:400... 2607:f8b0:4006:817::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:1901:0:7... 2600:1901:0:7a0b::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2607:f8b0:400... 2607:f8b0:4006:81f::200e	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:821::2003	15169 (GOOGLE) (GOOGLE)
2	142.250.65.164 142.250.65.164	15169 (GOOGLE) (GOOGLE)
3	142.250.65.232 142.250.65.232	15169 (GOOGLE) (GOOGLE)
3	142.250.65.195 142.250.65.195	15169 (GOOGLE) (GOOGLE)
1	172.217.165.131 172.217.165.131	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
75	13

47 151.101.1.91 (San Francisco, United States) 1 redirects

ASN54113 (FASTLY, US)

itxdkqkbkbfkkktm.1tw.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:817::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:7a0b:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81f::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:821::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.65.164 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.65.232 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.65.195 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.165.131 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s70-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)

cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	1tw.live 1 redirects itxdkqkbkbfkkktm.1tw.live	2 MB
10	gstatic.com www.gstatic.com fonts.gstatic.com	736 KB
9	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	135 KB
2	google.com www.google.com — Cisco Umbrella Rank: 5	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 80
2	bugsnag.com sessions.bugsnag.com — Cisco Umbrella Rank: 941	88 B
2	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 717 cloudflareinsights.com — Cisco Umbrella Rank: 690	7 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 309	779 B
75	8

	Domain	Requested by
47	itxdkqkbkbfkkktm.1tw.live	1 redirects itxdkqkbkbfkkktm.1tw.live
9	www.gstatic.com	itxdkqkbkbfkkktm.1tw.live www.google.com www.gstatic.com
9	www.googletagmanager.com	itxdkqkbkbfkkktm.1tw.live
2	www.google.com	itxdkqkbkbfkkktm.1tw.live www.gstatic.com
2	www.google-analytics.com	itxdkqkbkbfkkktm.1tw.live
2	sessions.bugsnag.com	itxdkqkbkbfkkktm.1tw.live
1	cloudflareinsights.com	static.cloudflareinsights.com
1	fonts.gstatic.com	www.google.com
1	static.cloudflareinsights.com	itxdkqkbkbfkkktm.1tw.live
1	cdnjs.cloudflare.com	itxdkqkbkbfkkktm.1tw.live
75	10

This site contains links to these domains. Also see Links.

Domain
meduza.page.link
magaz.global
support.meduza.io
www.youtube.com
www.instagram.com
mdza.io
instagram.com
t.me
www.facebook.com
twitter.com
policies.google.com

Subject Issuer	Validity	Valid
itxdkqkbkbfkkktm.1tw.live R11	`2025-04-24` - `2025-07-23`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2025-03-24` - `2025-06-22`	3 months	crt.sh
*.google-analytics.com WE2	`2025-03-31` - `2025-06-23`	3 months	crt.sh
cloudflareinsights.com WE1	`2025-02-27` - `2025-05-28`	3 months	crt.sh
*.bugsnag.com DigiCert TLS RSA SHA256 2020 CA1	`2025-04-03` - `2026-04-15`	a year	crt.sh
*.gstatic.com WE2	`2025-03-31` - `2025-06-23`	3 months	crt.sh
*.google.com WE2	`2025-03-31` - `2025-06-23`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://itxdkqkbkbfkkktm.1tw.live/
Frame ID: 2AD1FC6AB436A512BE3C3AE68DC86157
Requests: 73 HTTP requests in this frame

Frame: https://itxdkqkbkbfkkktm.1tw.live/cdn-cgi/challenge-platform/h/g/scripts/jsd/44e6f86df4dc/main.js
Frame ID: 06EB26BA6AA38EC41FD8AC4F559DCE17
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcM0iEfAAAAABz-lMzNTBlz9P1H-5yeCkeJJhJD&co=aHR0cHM6Ly9pdHhka3FrYmtiZmtra3RtLjF0dy5saXZlOjQ0Mw..&hl=en&v=w0_qmZVSdobukXrBwYd9dTF7&size=invisible&cb=k38y9boo2ht4
Frame ID: ECBD2247AE169DA57DC40F8C23CC59BA
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Новости — Meduza

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

75
Requests

97 %
HTTPS

50 %
IPv6

8
Domains

10
Subdomains

13
IPs

2
Countries

3332 kB
Transfer

6000 kB
Size

2
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://meduza.page.link/KLgB?utm_source=meduza&utm_medium=top_banner&utm_campaign=update_app_251224

Search URL Search Domain Scan URL

URL: https://magaz.global/?utm_source=meduza&utm_medium=rubriki
Title: Магаз

Search URL Search Domain Scan URL

URL: https://support.meduza.io/?utm_source=meduza&utm_medium=button
Title: Поддержать «Медузу»

Search URL Search Domain Scan URL

URL: https://magaz.global/?utm_source=meduza&utm_medium=feed_banner
Title: Магаз

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@MeduzaPro?utm_source=meduza&utm_medium=feed_banner
Title: Смотрите «Медузу». Это еще один способ нас поддержать

Search URL Search Domain Scan URL

URL: https://www.instagram.com/meduzapro/?utm_source=meduza&utm_medium=feed_banner
Title: Подпишитесь на инстаграм «Медузы»

Search URL Search Domain Scan URL

URL: https://support.meduza.io/?utm_source=meduza&utm_medium=footer
Title: Поддержать «Медузу»

Search URL Search Domain Scan URL

URL: https://mdza.io/jTVPVpHqgF8
Title: iOS

Search URL Search Domain Scan URL

URL: https://mdza.io/HFRM4ny5IRU
Title: Android

Search URL Search Domain Scan URL

URL: https://magaz.global/?utm_source=meduza&utm_medium=footer
Title: Магаз

Search URL Search Domain Scan URL

URL: https://magaz.global/info/delivery?utm_source=meduza&utm_medium=footer
Title: Доставка книг

Search URL Search Domain Scan URL

URL: https://instagram.com/meduzapro
Title: Инстаграм

Search URL Search Domain Scan URL

URL: https://t.me/meduzalive
Title: Телеграм

Search URL Search Domain Scan URL

URL: https://www.facebook.com/themeduza
Title: Фейсбук

Search URL Search Domain Scan URL

URL: https://twitter.com/meduzaproject
Title: X (твиттер)

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/MeduzaPro
Title: Ютьюб

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy?hl=ru
Title: Конфиденциальность

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms?hl=ru
Title: условия использования

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://itxdkqkbkbfkkktm.1tw.live/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://itxdkqkbkbfkkktm.1tw.live/cdn-cgi/challenge-platform/h/g/scripts/jsd/44e6f86df4dc/main.js

75 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
itxdkqkbkbfkkktm.1tw.live/ 346 KB
74 KB 859ms
313ms Document
text/html 151.101.1.91
FASTLY

General

Check archive.org

Download Go to

Full URL

https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6398193f4e25ab3c5d0df434c7cdd8605e612678c310834998c7b209f73f5af8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 1728000
age: 2163
cache-control: public, max-age=30, s-maxage=21600
cf-cache-status: HIT
cf-ray: 9360c0c08d91017d-CDG
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 25 Apr 2025 20:57:28 GMT
last-modified: Fri, 25 Apr 2025 20:21:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-cg-cache-status: DYNAMIC
x-content-type-options: nosniff
x-served-by: cache-mad2200134-MAD
x-timer: S1745614648.354441,VS0,VE92

GET
H3 200 polyfill.min.js Show response
cdnjs.cloudflare.com/polyfill/v3/ 104 B
779 B 186ms
103ms Script
text/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdnjs.cloudflare.com/polyfill/v3/polyfill.min.js?version=3.111.0&features=IntersectionObserver

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

x-compress-hint: on
content-encoding: gzip
cf-cache-status: HIT
age: 2007271
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j9pEqZz%2FccKgdOivSxhQrRz3L5sBLS1gnaJYvyaeoEfnFJ7RfXNw1ycIU6nKOFWjJZw2plH7K5qMll0sT6WumkDmUez3GliDh6QVmiKMJFNYkN4U4qWTYwyVudUOw%2BMOn%2BUMf0r8"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET,HEAD,OPTIONS
expires: Fri, 02 May 2025 20:57:29 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 25 Apr 2025 20:57:29 GMT
content-type: text/javascript; charset=UTF-8
last-modified: Wed, 02 Apr 2025 15:22:58 GMT
vary: User-Agent, Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=15780000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
cf-polyfill-version: 3.111.0
cf-ray: 9360c0c4d85e6897-SJC
access-control-allow-origin: *
server: cloudflare

GET
H2 200 embed-component.esm.js Show response
itxdkqkbkbfkkktm.1tw.live/static/embed-component-lib/ 1 KB
2 KB 500ms
499ms Script
application/javascript 151.101.1.91
FASTLY

General

Check archive.org

Download Go to

Full URL

https://itxdkqkbkbfkkktm.1tw.live/static/embed-component-lib/embed-component.esm.js?v=2

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

00e008a660501b4eb1705e2cad06fedfccce93fea45c4caeff656b43fbd13e9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://itxdkqkbkbfkkktm.1tw.live
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"ba893d6e89753f72a55f4859237e03fc"
age: 3838
access-control-allow-methods: *
x-content-type-options: nosniff
x-cache: MISS
date: Fri, 25 Apr 2025 20:57:29 GMT
content-type: application/javascript
last-modified: Mon, 24 Mar 2025 12:03:32 GMT
x-served-by: cache-mad2200134-MAD
x-cache-hits: 0
x-amz-id-2: txgb65a5aa4d8264bf9bec8-00680a5e26
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-timer: S1745614649.088782,VS0,VE91
access-control-allow-credentials: true
via: 1.1 varnish
cf-ray: 9360c0c51fff9dae-CDG
x-amz-request-id: txgb65a5aa4d8264bf9bec8-00680a5e26
accept-ranges: bytes
access-control-allow-origin: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 404 KB
135 KB 450ms
173ms Script
application/javascript 2607:f8b0:4006:817::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-L0LHMYHRHJ

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cda8ac1bb0b9ed6bf7e5481606d436eab01e045a51dc8bd57088b9a3738afb05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1068:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1068:0"}],}
expires: Fri, 25 Apr 2025 20:57:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 25 Apr 2025 20:57:29 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1068:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1068:0
content-length: 137036
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 19 KB
7 KB 225ms
82ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 9360c0c66d512f45-LAX
access-control-allow-origin: *
date: Fri, 25 Apr 2025 20:57:29 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 932.40412ee37b8826538901.css
itxdkqkbkbfkkktm.1tw.live/ 119 KB
28 KB 500ms
499ms Stylesheet
text/css 151.101.1.91
FASTLY

General

Check archive.org

Download Go to

Full URL

https://itxdkqkbkbfkkktm.1tw.live/932.40412ee37b8826538901.css

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2a9f331b63c1a59fb0907a3211c4bdfdee6c56f91723b93182f7fe2049e63248

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6d59d6cd12dead81b929ee3a93973a4c"
age: 2021
access-control-allow-methods: *
x-content-type-options: nosniff
x-cache: MISS
date: Fri, 25 Apr 2025 20:57:29 GMT
content-type: text/css
last-modified: Wed, 16 Apr 2025 10:42:45 GMT
x-served-by: cache-mad2200134-MAD
x-cache-hits: 0
x-amz-id-2: txg810115054fc04f64ab1d-0067ffe9e8
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-timer: S1745614649.088331,VS0,VE86
access-control-allow-credentials: true
via: 1.1 varnish
cf-ray: 9360c0c51e48494a-CDG
x-amz-request-id: txg810115054fc04f64ab1d-0067ffe9e8
accept-ranges: bytes
access-control-allow-origin: *

GET
H2 200 app.56618a12e4277a563085.css
itxdkqkbkbfkkktm.1tw.live/ 233 KB
49 KB 499ms
498ms Stylesheet
text/css 151.101.1.91
FASTLY

General

Check archive.org

Download Go to

Full URL

https://itxdkqkbkbfkkktm.1tw.live/app.56618a12e4277a563085.css

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2fb3dc869ee9393f05e358029f944351a2c8da2f91baac946c480a6534dca4fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"e2867e2b1b72ba7f66bd6bd3211a6f9b"
age: 2251
access-control-allow-methods: *
x-content-type-options: nosniff
x-cache: MISS
date: Fri, 25 Apr 2025 20:57:29 GMT
content-type: text/css
last-modified: Wed, 16 Apr 2025 10:42:47 GMT
x-served-by: cache-mad2200134-MAD
x-cache-hits: 0
x-amz-id-2: txg57a43e0eb3aa4367b56c-0067fff587
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-timer: S1745614649.088634,VS0,VE68
access-control-allow-credentials: true
via: 1.1 varnish
cf-ray: 9360c0c4eeb96f1c-CDG
x-amz-request-id: txg57a43e0eb3aa4367b56c-0067fff587
accept-ranges: bytes
access-control-allow-origin: *

GET
H2 200 fonts.513c8fd1a8c4bd643b40.css
itxdkqkbkbfkkktm.1tw.live/ 2 KB
1014 B 501ms
501ms Stylesheet
text/css 151.101.1.91
FASTLY

General

Check archive.org

Download Go to

Full URL

https://itxdkqkbkbfkkktm.1tw.live/fonts.513c8fd1a8c4bd643b40.css

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

28b6f65233b9c77e068bcb0a90c9b307c37bd60925d139bfc762fbc55c1f92db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"201fa6a07ef621b7f26c783e3ece5547"
age: 5335
access-control-allow-methods: *
x-content-type-options: nosniff
x-cache: MISS
date: Fri, 25 Apr 2025 20:57:29 GMT
content-type: text/css
last-modified: Wed, 16 Apr 2025 10:42:48 GMT
x-served-by: cache-mad2200134-MAD
x-cache-hits: 0
x-amz-id-2: txg779d1f8d4a6e431889f0-0067ffd586
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-timer: S1745614649.088647,VS0,VE91
access-control-allow-credentials: true
via: 1.1 varnish
cf-ray: 9360c0c518a10356-CDG
x-amz-request-id: txg779d1f8d4a6e431889f0-0067ffd586
accept-ranges: bytes
access-control-allow-origin: *

GET
H2 200 Z2c.webp
itxdkqkbkbfkkktm.1tw.live/impro/fA1i2kRsfijfLjAfZq5XStl_ZAocgZGnaE24Y8Yky3A/resizing_type:fit/width:360/height:0/enlarge:1/quality:80/aHR0cHM6Ly9tZWR1/emEuaW8vaW1hZ2Uv/YXR0YWNobWVudHMv/aW1hZ2VzLzAx... 8 KB
9 KB 482ms
480ms Image
image/webp 151.101.1.91
FASTLY

General

Check archive.org

Download Go to Show image

Full URL

https://itxdkqkbkbfkkktm.1tw.live/impro/fA1i2kRsfijfLjAfZq5XStl_ZAocgZGnaE24Y8Yky3A/resizing_type:fit/width:360/height:0/enlarge:1/quality:80/aHR0cHM6Ly9tZWR1/emEuaW8vaW1hZ2Uv/YXR0YWNobWVudHMv/aW1hZ2VzLzAxMS8y/NjYvNDk0L29yaWdp/bmFsL1RtR3F0b1Q3/MnpaYjhZWGhzSVU3/Z2c.webp

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5c3cd4732a788a77e00fad92f415209756011d18fa4680513723fe8d67b92617

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

x-request-id: b047670db1631919b9845d1768551dc5
cf-cache-status: HIT
age: 103499
access-control-allow-methods: *
x-content-type-options: nosniff
expires: Sat, 25 Apr 2026 20:57:29 GMT
x-cache: MISS
date: Fri, 25 Apr 2025 20:57:29 GMT
content-type: image/webp
content-disposition: inline; filename="TmGqtoT72zZb8YXhsIU7gg.webp"
x-served-by: cache-mad2200134-MAD
last-modified: Thu, 24 Apr 2025 16:12:30 GMT
access-control-allow-headers: *
x-cache-hits: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-timer: S1745614649.128299,VS0,VE84
access-control-allow-credentials: true
via: 1.1 varnish
cf-ray: 9360c0c55e8fbb27-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8238

GET
H2 200 PFRegalTextPro-Bold-v1.woff
itxdkqkbkbfkkktm.1tw.live/fonts/ 145 KB
146 KB 330ms
328ms Font
font/woff 151.101.1.91
FASTLY

General

Check archive.org

Download Go to

Full URL

https://itxdkqkbkbfkkktm.1tw.live/fonts/PFRegalTextPro-Bold-v1.woff

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

64d77b7e334d5da9ce7f685466181ed3ab4de44296d569ee695acad0917bccd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://itxdkqkbkbfkkktm.1tw.live
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

access-control-max-age: 1728000
cf-cache-status: HIT
age: 2633
access-control-allow-methods: *
x-content-type-options: nosniff
x-cache: MISS
date: Fri, 25 Apr 2025 20:57:29 GMT
content-type: font/woff
last-modified: Fri, 25 Apr 2025 20:13:36 GMT
x-served-by: cache-mad2200134-MAD
x-cache-hits: 0
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cache-control: public, max-age=30, s-maxage=21600
x-cg-cache-status: DYNAMIC
x-timer: S1745614649.281955,VS0,VE80
access-control-allow-credentials: true
via: 1.1 varnish
cf-ray: 9360c0c64aaf9dae-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 148744

GET
H2 200 PFRegalTextPro-BoldItalic-v1.woff
itxdkqkbkbfkkktm.1tw.live/fonts/ 146 KB
147 KB 330ms
329ms Font
font/woff 151.101.1.91
FASTLY

General

Check archive.org

Download Go to

Full URL

https://itxdkqkbkbfkkktm.1tw.live/fonts/PFRegalTextPro-BoldItalic-v1.woff

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9ac8cb420c6c23b93a9b0b6adccfbd21504a73d96b605d10038e6587db1a2df6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://itxdkqkbkbfkkktm.1tw.live
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

access-control-max-age: 1728000
cf-cache-status: HIT
age: 3167
access-control-allow-methods: *
x-content-type-options: nosniff
x-cache: MISS
date: Fri, 25 Apr 2025 20:57:29 GMT
content-type: font/woff
last-modified: Fri, 25 Apr 2025 20:04:42 GMT
x-served-by: cache-mad2200134-MAD
x-cache-hits: 0
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cache-control: public, max-age=30, s-maxage=21600
x-cg-cache-status: DYNAMIC
x-timer: S1745614649.281876,VS0,VE86
access-control-allow-credentials: true
via: 1.1 varnish
cf-ray: 9360c0c64ab29dae-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 149784

GET
H2 200 PFRegalTextPro-RegularB-v1.woff
itxdkqkbkbfkkktm.1tw.live/fonts/ 136 KB
137 KB 331ms
330ms Font
font/woff 151.101.1.91
FASTLY

General

Check archive.org

Download Go to

Full URL

https://itxdkqkbkbfkkktm.1tw.live/fonts/PFRegalTextPro-RegularB-v1.woff

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

266f38f4e05fe9f0a18d85528105db5e76c537c5caac8f261591ffa88378870f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://itxdkqkbkbfkkktm.1tw.live
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

access-control-max-age: 1728000
cf-cache-status: HIT
age: 6848
access-control-allow-methods: *
x-content-type-options: nosniff
x-cache: MISS
date: Fri, 25 Apr 2025 20:57:29 GMT
content-type: font/woff
last-modified: Fri, 25 Apr 2025 03:04:57 GMT
x-served-by: cache-mad2200134-MAD
x-cache-hits: 0
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cache-control: public, max-age=30, s-maxage=21600
x-cg-cache-status: DYNAMIC
x-timer: S1745614649.282251,VS0,VE86
access-control-allow-credentials: true
via: 1.1 varnish
cf-ray: 9360c0c64fe86f1c-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 139572

GET
H2 200 PFRegalTextPro-RegularBItalic-v1.woff
itxdkqkbkbfkkktm.1tw.live/fonts/ 141 KB
142 KB 331ms
329ms Font
font/woff 151.101.1.91
FASTLY

General

Check archive.org

Download Go to

Full URL

https://itxdkqkbkbfkkktm.1tw.live/fonts/PFRegalTextPro-RegularBItalic-v1.woff

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

68ce996c5dacfad2230689f6527c11ec0bed90a09e0c545f57c6f69e5fb2eb58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://itxdkqkbkbfkkktm.1tw.live
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

access-control-max-age: 1728000
cf-cache-status: HIT
age: 12175
access-control-allow-methods: *
x-content-type-options: nosniff
x-cache: MISS
date: Fri, 25 Apr 2025 20:57:29 GMT
content-type: font/woff
last-modified: Fri, 25 Apr 2025 17:34:34 GMT
x-served-by: cache-mad2200134-MAD
x-cache-hits: 0
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cache-control: public, max-age=30, s-maxage=21600
x-cg-cache-status: DYNAMIC
x-timer: S1745614649.282222,VS0,VE86
access-control-allow-credentials: true
via: 1.1 varnish
cf-ray: 9360c0c648c0494a-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 144864

GET
H2 200 ProximaNova-Bold-v1.woff
itxdkqkbkbfkkktm.1tw.live/fonts/ 69 KB
70 KB 341ms
340ms Font
font/woff 151.101.1.91
FASTLY

General

Check archive.org

Download Go to

Full URL

https://itxdkqkbkbfkkktm.1tw.live/fonts/ProximaNova-Bold-v1.woff

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a728b74b8c139c6f1ddd7f73d08940f27a648fbbf84b91dbb94bf96fe6d4ad0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://itxdkqkbkbfkkktm.1tw.live
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

access-control-max-age: 1728000
cf-cache-status: HIT
age: 3340
access-control-allow-methods: *
x-content-type-options: nosniff
x-cache: MISS
date: Fri, 25 Apr 2025 20:57:29 GMT
content-type: font/woff
last-modified: Fri, 25 Apr 2025 20:01:49 GMT
x-served-by: cache-mad2200134-MAD
x-cache-hits: 0
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cache-control: public, max-age=30, s-maxage=21600
x-cg-cache-status: DYNAMIC
x-timer: S1745614649.282347,VS0,VE87
access-control-allow-credentials: true
via: 1.1 varnish
cf-ray: 9360c0c64e0374f3-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 70764

GET
H2 200 ProximaNova-Regular-v1.woff
itxdkqkbkbfkkktm.1tw.live/fonts/ 69 KB
69 KB 351ms
350ms Font
font/woff 151.101.1.91
FASTLY

General

Check archive.org

Download Go to

Full URL

https://itxdkqkbkbfkkktm.1tw.live/fonts/ProximaNova-Regular-v1.woff

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a9fdaff8a0dfde1eda3edb250158d05a15286017b528c60336053606ae54870a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://itxdkqkbkbfkkktm.1tw.live
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

access-control-max-age: 1728000
cf-cache-status: HIT
age: 3351
access-control-allow-methods: *
x-content-type-options: nosniff
x-cache: MISS
date: Fri, 25 Apr 2025 20:57:29 GMT
content-type: font/woff
last-modified: Fri, 25 Apr 2025 20:01:38 GMT
x-served-by: cache-mad2200134-MAD
x-cache-hits: 0
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cache-control: public, max-age=30, s-maxage=21600
x-cg-cache-status: DYNAMIC
x-timer: S1745614649.303724,VS0,VE89
access-control-allow-credentials: true
via: 1.1 varnish
cf-ray: 9360c0c67f90e8ce-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 70456

GET
H2 200 ProximaNova-Semibold-v1.woff
itxdkqkbkbfkkktm.1tw.live/fonts/ 68 KB
69 KB 341ms
340ms Font
font/woff 151.101.1.91
FASTLY

General

Check archive.org

Download Go to

Full URL

https://itxdkqkbkbfkkktm.1tw.live/fonts/ProximaNova-Semibold-v1.woff

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

47b9a70094107e5c81f341816eb26e5167b25a03f4d53550b8fd3497c8d13d9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://itxdkqkbkbfkkktm.1tw.live
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

access-control-max-age: 1728000
cf-cache-status: HIT
age: 13604
access-control-allow-methods: *
x-content-type-options: nosniff
x-cache: MISS
date: Fri, 25 Apr 2025 20:57:29 GMT
content-type: font/woff
last-modified: Fri, 25 Apr 2025 17:10:45 GMT
x-served-by: cache-mad2200134-MAD
x-cache-hits: 0
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cache-control: public, max-age=30, s-maxage=21600
x-cg-cache-status: DYNAMIC
x-timer: S1745614649.303707,VS0,VE82
access-control-allow-credentials: true
via: 1.1 varnish
cf-ray: 9360c0c67e3e74f3-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 69608

GET
H2 200 TmcucG5n.webp
itxdkqkbkbfkkktm.1tw.live/impro/SupLyiuAGpmnDRb3Ht6rTViHpJvlDzG8BMQ1g_Of7x4/resizing_type:fit/width:600/height:0/enlarge:1/quality:95/aHR0cHM6Ly9tZWR1/emEuaW8vaW1hZ2Uv/YXR0YWNobWVudHMv/aW1hZ2VzLzAw... 160 KB
161 KB 347ms
344ms Image
image/webp 151.101.1.91
FASTLY

General

Check archive.org

Download Go to Show image

Full URL

https://itxdkqkbkbfkkktm.1tw.live/impro/SupLyiuAGpmnDRb3Ht6rTViHpJvlDzG8BMQ1g_Of7x4/resizing_type:fit/width:600/height:0/enlarge:1/quality:95/aHR0cHM6Ly9tZWR1/emEuaW8vaW1hZ2Uv/YXR0YWNobWVudHMv/aW1hZ2VzLzAwMi80/ODcvNjAyL29yaWdp/bmFsLzZkLWhWYkhl/QWhmMUZQZ0VsTDBx/TmcucG5n.webp

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

964079431a293076cc26df79c8fc8687560813ff98148c187ec350b4b7e6ba31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

x-request-id: 5c6a6e0f5ba4949194cc3cc5ede33519
cf-cache-status: HIT
age: 666432
access-control-allow-methods: *
x-content-type-options: nosniff
expires: Sat, 25 Apr 2026 20:57:29 GMT
x-cache: MISS
date: Fri, 25 Apr 2025 20:57:29 GMT
content-type: image/webp
content-disposition: inline; filename="6d-hVbHeAhf1FPgElL0qNg.webp"
x-served-by: cache-mad2200134-MAD
last-modified: Mon, 22 Apr 2024 14:39:46 GMT
access-control-allow-headers: *
x-cache-hits: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-timer: S1745614649.303699,VS0,VE88
access-control-allow-credentials: true
via: 1.1 varnish
cf-ray: 9360c0c67b83017d-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 164130

GET
H2 200 manifest.a1d6d2d9aa4cd0351866.js Show response
itxdkqkbkbfkkktm.1tw.live/ 4 KB
3 KB 802ms
799ms Script
application/javascript 151.101.1.91
FASTLY

General

Check archive.org

Download Go to

Full URL

https://itxdkqkbkbfkkktm.1tw.live/manifest.a1d6d2d9aa4cd0351866.js

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dbbadea3254500f3a6c7c138e6022c835b3e68714ae65529d410d4a13f5043cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"4db015ff26e71e7e33d91b8a2d869362"
age: 6735
access-control-allow-methods: *
x-content-type-options: nosniff
x-cache: MISS
date: Fri, 25 Apr 2025 20:57:29 GMT
content-type: application/javascript
last-modified: Wed, 16 Apr 2025 10:42:48 GMT
x-served-by: cache-mad2200134-MAD
x-cache-hits: 0
x-amz-id-2: txgd05299145de6448d8084-0067fff659
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-timer: S1745614650.593084,VS0,VE92
access-control-allow-credentials: true
via: 1.1 varnish
cf-ray: 9360c0c83822bb27-CDG
x-amz-request-id: txgd05299145de6448d8084-0067fff659
accept-ranges: bytes
access-control-allow-origin: *

GET
H2 200 932.eeefd793b9e83e7b3ac6.js Show response
itxdkqkbkbfkkktm.1tw.live/ 455 KB
172 KB 803ms
799ms Script
application/javascript 151.101.1.91
FASTLY

General

Check archive.org

Download Go to

Full URL

https://itxdkqkbkbfkkktm.1tw.live/932.eeefd793b9e83e7b3ac6.js

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2fc6c9c215b3e0a6679182c9cac54a7f45b79219e7343a963409460fa0cf19ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"386ebeeb796bad628bc7799f7843614d"
age: 2734
access-control-allow-methods: *
x-content-type-options: nosniff
x-cache: MISS
date: Fri, 25 Apr 2025 20:57:29 GMT
content-type: application/javascript
last-modified: Wed, 16 Apr 2025 10:42:46 GMT
x-served-by: cache-mad2200134-MAD
x-cache-hits: 0
x-amz-id-2: txgf0ed13ee4f2b483db3fa-0067ffed83
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-timer: S1745614650.593486,VS0,VE93
access-control-allow-credentials: true
via: 1.1 varnish
cf-ray: 9360c0c84aa7e8ce-CDG
x-amz-request-id: txgf0ed13ee4f2b483db3fa-0067ffed83
accept-ranges: bytes
access-control-allow-origin: *

GET
H2 200 app.f55a3d368c72ccd498e2.js Show response
itxdkqkbkbfkkktm.1tw.live/ 353 KB
108 KB 800ms
797ms Script
application/javascript 151.101.1.91
FASTLY

General

Check archive.org

Download Go to

Full URL

https://itxdkqkbkbfkkktm.1tw.live/app.f55a3d368c72ccd498e2.js

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

49213740829b288ad83ff9d52b5b7f73ffc9fbbd2e62625e01097c011fc11a88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"bba62d27829c78e758ea8d00038e8616"
age: 6188
access-control-allow-methods: *
x-content-type-options: nosniff
x-cache: MISS
date: Fri, 25 Apr 2025 20:57:29 GMT
content-type: application/javascript
last-modified: Wed, 16 Apr 2025 10:42:47 GMT
x-served-by: cache-mad2200134-MAD
x-cache-hits: 0
x-amz-id-2: txg8438d53b3c0c46ae83fc-0067ff89d8
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-timer: S1745614650.593558,VS0,VE56
access-control-allow-credentials: true
via: 1.1 varnish
cf-ray: 9360c0c81f229dae-CDG
x-amz-request-id: txg8438d53b3c0c46ae83fc-0067ff89d8
accept-ranges: bytes
access-control-allow-origin: *

GET
H2 200 fonts.ff356b6a5a2f1437bfda.js Show response
itxdkqkbkbfkkktm.1tw.live/ 138 B
728 B 803ms
800ms Script
application/javascript 151.101.1.91
FASTLY

General

Check archive.org

Download Go to

Full URL

https://itxdkqkbkbfkkktm.1tw.live/fonts.ff356b6a5a2f1437bfda.js

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

523cd2508d2ee7a4cef0a179cc1ace23db6985394cab03761f50bd59d49564fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"cadec3508a33a37e2970f2eef58519f8"
age: 5614
access-control-allow-methods: *
x-content-type-options: nosniff
x-cache: MISS
date: Fri, 25 Apr 2025 20:57:29 GMT
content-type: application/javascript
last-modified: Wed, 16 Apr 2025 10:42:48 GMT
x-served-by: cache-mad2200134-MAD
x-cache-hits: 0
x-amz-id-2: txg3c648c2981544c5b9542-00680883dd
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-timer: S1745614650.593403,VS0,VE94
access-control-allow-credentials: true
via: 1.1 varnish
cf-ray: 9360c0c84823bb27-CDG
x-amz-request-id: txg3c648c2981544c5b9542-00680883dd
accept-ranges: bytes
access-control-allow-origin: *

GET
H2 200 p-7658ca37.js Show response
itxdkqkbkbfkkktm.1tw.live/static/embed-component-lib/ 8 KB
5 KB 791ms
790ms Script
application/javascript 151.101.1.91
FASTLY

General

Check archive.org

Download Go to

Full URL

https://itxdkqkbkbfkkktm.1tw.live/static/embed-component-lib/p-7658ca37.js

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7cb9838034adc5ed44c507aaf332d3dd8bd38cb6990727f9f36be27b736f857c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://itxdkqkbkbfkkktm.1tw.live
Referer: https://itxdkqkbkbfkkktm.1tw.live/static/embed-component-lib/embed-component.esm.js?v=2

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"03401bb395d5ec5e3893aaf1a0550367"
age: 1539
access-control-allow-methods: *
x-content-type-options: nosniff
x-cache: MISS
date: Fri, 25 Apr 2025 20:57:29 GMT
content-type: application/javascript
last-modified: Mon, 24 Mar 2025 12:03:33 GMT
x-served-by: cache-mad2200134-MAD
x-cache-hits: 0
x-amz-id-2: txgbdcfe3d51d794533a3a1-00680a4b11
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-timer: S1745614650.602768,VS0,VE87
access-control-allow-credentials: true
via: 1.1 varnish
cf-ray: 9360c0c85c300356-CDG
x-amz-request-id: txgbdcfe3d51d794533a3a1-00680a4b11
accept-ranges: bytes
access-control-allow-origin: *

GET
H2 200 a
www.googletagmanager.com/ 0
299 B 159ms
157ms Image
text/html 2607:f8b0:4006:817::2008
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-L0LHMYHRHJ&v=3&t=t&pid=1708364829&cv=3&rv=54n0&tc=17&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103130495~103130497~103200004&es=1&e=gtm.init&eid=2&u=AAAAAAAAAAAAAACA&h=Ag&tr=1ogtgasend.1ogtipmark.1ogtreferralexclusion.1ogtsessiontimeout.1ogt1pdatav2.1ccdgafirst.1setproductsettings.1ogtgagamlink.1ccdgaadslink.1ccdgaregscope.1ccdemoutboundclick.1ccdemsitesearch.1ccdconversionmarking.1ccdautoredact.1ccdgalast&ti=2ogtgasend.2ogtipmark.2ogtreferralexclusion.2ogtsessiontimeout.2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ogtgagamlink.2ccdgaadslink.2ccdgaregscope.2ccdemoutboundclick.2ccdemsitesearch.2ccdconversionmarking.2ccdautoredact.2ccdgalast&z=0

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

report-to: {"group":"ascgcycc:884:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:884:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:884:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:884:0
content-length: 0
date: Fri, 25 Apr 2025 20:57:30 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H2 200 a
www.googletagmanager.com/ 0
52 B 159ms
158ms Image
text/html 2607:f8b0:4006:817::2008
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

report-to: {"group":"ascgcycc:884:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:884:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:884:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:884:0
content-length: 0
date: Fri, 25 Apr 2025 20:57:30 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H2 200 a
www.googletagmanager.com/ 0
52 B 160ms
159ms Image
text/html 2607:f8b0:4006:817::2008
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

report-to: {"group":"ascgcycc:884:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:884:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:884:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:884:0
content-length: 0
date: Fri, 25 Apr 2025 20:57:30 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H2 200 a
www.googletagmanager.com/ 0
52 B 162ms
161ms Image
text/html 2607:f8b0:4006:817::2008
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

report-to: {"group":"ascgcycc:884:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:884:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:884:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:884:0
content-length: 0
date: Fri, 25 Apr 2025 20:57:30 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H2 200 a
www.googletagmanager.com/ 0
52 B 160ms
160ms Image
text/html 2607:f8b0:4006:817::2008
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-L0LHMYHRHJ&v=3&t=t&pid=1708364829&cv=3&rv=54n0&tc=17&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103130495~103130497~103200004&e=gtm.init&eid=2&u=AAAAAAAAAAAAACCA&ut=Ag&h=Ag&tr=5ogtgasend.5ogtipmark.5ogtreferralexclusion.5ogtsessiontimeout.5ogt1pdatav2.5ccdgafirst.5setproductsettings.5ogtgagamlink.5ccdgaadslink.5ccdgaregscope.5ccdemoutboundclick.5ccdemsitesearch.5ccdconversionmarking.5ccdautoredact.5ccdgalast&ti=2ogtgasend.2ogtipmark.2ogtreferralexclusion.2ogtsessiontimeout.2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ogtgagamlink.2ccdgaadslink.2ccdgaregscope.2ccdemoutboundclick.2ccdemsitesearch.2ccdconversionmarking.2ccdautoredact.2ccdgalast&z=0

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

report-to: {"group":"ascgcycc:884:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:884:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:884:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:884:0
content-length: 0
date: Fri, 25 Apr 2025 20:57:30 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77f5d740f899d2e51cb05f8022d26656ffd7d10103f86bbaed7446bffed68f46

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 77 B
77 B Font
font/woff

General

Check archive.org

Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b337e901e816e392981542727f1de98a2721a5d72d9ff64b3de7a3049b20c621

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://itxdkqkbkbfkkktm.1tw.live
Referer

Response headers

Content-Type: font/woff

GET
DATA 200
OK truncated
/ 81 B
81 B Font
font/woff

General

Check archive.org

Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0fc120d06e68442af0517fb9708fd752a71bdf74c5d14b4239fe69c72c136e7e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://itxdkqkbkbfkkktm.1tw.live
Referer

Response headers

Content-Type: font/woff

GET
DATA 200
OK truncated
/ 78 B
78 B Font
font/woff

General

Check archive.org

Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5411b1b78966d0d70eaaedb17dce7c34e691c08137794aa9b91548e15f6cfd2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://itxdkqkbkbfkkktm.1tw.live
Referer

Response headers

Content-Type: font/woff

GET
H2 200 p-94abd1e2.entry.js Show response
itxdkqkbkbfkkktm.1tw.live/static/embed-component-lib/ 4 KB
2 KB 779ms
779ms Script
application/javascript 151.101.1.91
FASTLY

General

Check archive.org

Download Go to

Full URL

https://itxdkqkbkbfkkktm.1tw.live/static/embed-component-lib/p-94abd1e2.entry.js

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3971c28a63085a68d431c770533d68199b23c1ed4b03cd1e14149c1349336d65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://itxdkqkbkbfkkktm.1tw.live
Referer: https://itxdkqkbkbfkkktm.1tw.live/static/embed-component-lib/embed-component.esm.js?v=2

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"d96f729aee296bbcf5d4ed2aba779dac"
age: 1542
access-control-allow-methods: *
x-content-type-options: nosniff
x-cache: MISS
date: Fri, 25 Apr 2025 20:57:32 GMT
content-type: application/javascript
last-modified: Mon, 24 Mar 2025 12:03:33 GMT
x-served-by: cache-mad2200134-MAD
x-cache-hits: 0
x-amz-id-2: txgc27c60b7bb6a4235ad31-006809bdfc
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-timer: S1745614652.377240,VS0,VE97
access-control-allow-credentials: true
via: 1.1 varnish
cf-ray: 9360c0d9abd4e8ce-CDG
x-amz-request-id: txgc27c60b7bb6a4235ad31-006809bdfc
accept-ranges: bytes
access-control-allow-origin: *

GET
H2

200

main.js Show response
itxdkqkbkbfkkktm.1tw.live/cdn-cgi/challenge-platform/h/g/scripts/jsd/44e6f86df4dc/ Frame 06EB
Redirect Chain

https://itxdkqkbkbfkkktm.1tw.live/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://itxdkqkbkbfkkktm.1tw.live/cdn-cgi/challenge-platform/h/g/scripts/jsd/44e6f86df4dc/main.js?

8 KB
5 KB

409ms
408ms

Script
application/javascript

151.101.1.91
FASTLY

General

Check archive.org

Download Go to

Full URL

https://itxdkqkbkbfkkktm.1tw.live/cdn-cgi/challenge-platform/h/g/scripts/jsd/44e6f86df4dc/main.js?

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d150c6ce6c6cc8f6204dde0740172c2d3bc76c2e9c7a47a25129874deca31e1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
access-control-allow-methods: *
x-content-type-options: nosniff
x-cache: MISS
date: Fri, 25 Apr 2025 20:57:33 GMT
content-type: application/javascript; charset=UTF-8
x-served-by: cache-mad2200134-MAD
x-cache-hits: 0
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
x-timer: S1745614653.156521,VS0,VE77
access-control-allow-credentials: true
via: 1.1 varnish
cf-ray: 9360c0de8f450356-CDG
accept-ranges: bytes
access-control-allow-origin: *

Redirect headers

access-control-allow-methods: *
x-content-type-options: nosniff
x-cache: MISS
date: Fri, 25 Apr 2025 20:57:32 GMT
x-served-by: cache-mad2200134-MAD
x-cache-hits: 0
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/44e6f86df4dc/main.js?
x-timer: S1745614652.379609,VS0,VE80
access-control-allow-credentials: true
via: 1.1 varnish
cf-ray: 9360c0d9ab5d0356-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
88 B 93ms
90ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/932.eeefd793b9e83e7b3ac6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Bugsnag-Api-Key: 707b4f358cd187b4943be2afd14413ec
Referer: https://itxdkqkbkbfkkktm.1tw.live/
Bugsnag-Sent-At: 2025-04-25T20:57:33.509Z
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
date: Fri, 25 Apr 2025 20:57:33 GMT
content-type: application/json

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 246ms
90ms Preflight 2600:1901:0:7a0b::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://itxdkqkbkbfkkktm.1tw.live
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At, Bugsnag-Integrity
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 25 Apr 2025 20:57:33 GMT
via: 1.1 google

GET
H2 200 banners Show response
itxdkqkbkbfkkktm.1tw.live/api/w5/ 16 KB
5 KB 311ms
311ms XHR
application/json 151.101.1.91
FASTLY

General

Check archive.org

Download Go to

Full URL

https://itxdkqkbkbfkkktm.1tw.live/api/w5/banners

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/932.eeefd793b9e83e7b3ac6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

30d53925d829e38a0180533da856d0a2fdaeaf0d2935efa61bf64b92ea590104

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Accept: application/json
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 10
access-control-allow-methods: *
x-content-type-options: nosniff
expires: Fri, 25 Apr 2025 20:59:33 GMT
x-cache: MISS
date: Fri, 25 Apr 2025 20:57:33 GMT
content-type: application/json; charset=utf-8
last-modified: Fri, 25 Apr 2025 20:57:23 GMT
x-served-by: cache-mad2200134-MAD
x-cache-hits: 0
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cache-control: public, max-age=120
x-cg-cache-status: DYNAMIC
x-timer: S1745614654.670866,VS0,VE94
access-control-allow-credentials: true
via: 1.1 varnish
cf-ray: 9360c0e1bb1fe8ce-CDG
accept-ranges: bytes
access-control-allow-origin: *

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 425ms
146ms Fetch
text/plain 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-L0LHMYHRHJ&gtm=45je54n0v9130927134za200&_p=1745614649169&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103130495~103130497~103200004&cid=833582264.1745614654&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%E2%80%94%20Meduza&dl=%2F&sid=1745614653&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.dimension1=mirror&tfd=5873
Requested by: Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/932.eeefd793b9e83e7b3ac6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:97:0
report-to: {"group":"ascnsrsggc:97:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:97:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://itxdkqkbkbfkkktm.1tw.live
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:97:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 25 Apr 2025 20:57:33 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 / Show response
itxdkqkbkbfkkktm.1tw.live/stat/put/ 3 B
679 B 308ms
307ms XHR
text/html 151.101.1.91
FASTLY

General

Check archive.org

Download Go to

Full URL

https://itxdkqkbkbfkkktm.1tw.live/stat/put/?client=website

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/932.eeefd793b9e83e7b3ac6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a12b7cb43c9d9134b5bb1b35e9096b66775d9e92e7611d1cc92b02edd6782a87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Accept: application/json
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 809146
access-control-allow-methods: *
x-content-type-options: nosniff
x-cache: MISS
date: Fri, 25 Apr 2025 20:57:33 GMT
content-type: text/html
last-modified: Wed, 03 Jul 2024 10:26:44 GMT
x-served-by: cache-mad2200134-MAD
x-cache-hits: 0
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cache-control: no-store
x-timer: S1745614654.683664,VS0,VE91
access-control-allow-credentials: true
via: 1.1 varnish
cf-ray: 9360c0e1de9c6f1c-CDG
accept-ranges: bytes
access-control-allow-origin: *

GET
H2 200 news Show response
itxdkqkbkbfkkktm.1tw.live/api/w5/screens/ 214 KB
47 KB 291ms
288ms XHR
application/json 151.101.1.91
FASTLY

General

Check archive.org

Download Go to

Full URL

https://itxdkqkbkbfkkktm.1tw.live/api/w5/screens/news

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/932.eeefd793b9e83e7b3ac6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b26739ee1658cfb5ea7a54b4999323de14bf431045db55535cd265d36a12ef8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Accept: application/json
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 2168
access-control-allow-methods: *
x-content-type-options: nosniff
x-cache: MISS
date: Fri, 25 Apr 2025 20:57:33 GMT
content-type: application/json; charset=utf-8
last-modified: Fri, 25 Apr 2025 20:21:25 GMT
x-served-by: cache-mad2200134-MAD
x-cache-hits: 0
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cache-control: public, max-age=30, s-maxage=21600
x-cg-cache-status: DYNAMIC
x-timer: S1745614654.690318,VS0,VE73
access-control-allow-credentials: true
via: 1.1 varnish
cf-ray: 9360c0e1bb0fe8ce-CDG
accept-ranges: bytes
access-control-allow-origin: *

GET
H2 200 new_search Show response
itxdkqkbkbfkkktm.1tw.live/api/w5/ 65 KB
17 KB 308ms
306ms XHR
application/json 151.101.1.91
FASTLY

General

Check archive.org

Download Go to

Full URL

https://itxdkqkbkbfkkktm.1tw.live/api/w5/new_search?chrono=news&page=0&per_page=24&locale=ru

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/932.eeefd793b9e83e7b3ac6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

54dea0ee9d11947a4ae9e051990d72e0422440a8f461f6e6b856e049c2855eed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Accept: application/json
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

x-request-id: 3ca08991c38efe6c0df3ca1b88e45e9f
content-encoding: gzip
cf-cache-status: HIT
age: 30
access-control-allow-methods: *
x-content-type-options: nosniff
expires: Fri, 25 Apr 2025 20:58:03 GMT
x-cache: MISS
date: Fri, 25 Apr 2025 20:57:33 GMT
content-type: application/json; charset=utf-8
last-modified: Fri, 25 Apr 2025 20:57:03 GMT
x-served-by: cache-mad2200134-MAD
x-cache-hits: 0
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cache-control: public, max-age=30
x-timer: S1745614654.691425,VS0,VE88
access-control-allow-credentials: true
via: 1.1 varnish
cf-ray: 9360c0e1dcd0017d-CDG
accept-ranges: bytes
access-control-allow-origin: *

GET
H2 200 firebase-app-compat.js Show response
www.gstatic.com/firebasejs/9.3.0/ 17 KB
6 KB 404ms
132ms Script
text/javascript 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/firebasejs/9.3.0/firebase-app-compat.js

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da3016b61e31ba73e7a8e57eb3f7acd006ce2794c22a4c0b816147488a0e33e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

content-encoding: gzip
age: 219993
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options: nosniff
expires: Thu, 23 Apr 2026 07:51:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Apr 2025 07:51:00 GMT
last-modified: Mon, 08 Nov 2021 19:51:44 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5761
x-xss-protection: 0
server: sffe

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1019 B 297ms
152ms Script
text/javascript 142.250.65.164
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LcM0iEfAAAAABz-lMzNTBlz9P1H-5yeCkeJJhJD

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/932.eeefd793b9e83e7b3ac6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.164 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f4.1e100.net

Software

ESF /

Resource Hash

940189b09f28918e469fd871fb4bb22e1d63cab8697a971fce46a83c97a22a06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Fri, 25 Apr 2025 20:57:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Fri, 25 Apr 2025 20:57:33 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

POST
H2 200 9360c0c08d91017d Show response
itxdkqkbkbfkkktm.1tw.live/cdn-cgi/challenge-platform/h/g/jsd/r/0.8820442339233392:1745612732:tt0lgAGI38V14K5bZFKiPSsDYK4uusvM2LA5vLQ8bkI/ Frame 06EB 0
916 B 534ms
529ms XHR
text/plain 151.101.1.91
FASTLY

General

Check archive.org

Download Go to

Full URL

https://itxdkqkbkbfkkktm.1tw.live/cdn-cgi/challenge-platform/h/g/jsd/r/0.8820442339233392:1745612732:tt0lgAGI38V14K5bZFKiPSsDYK4uusvM2LA5vLQ8bkI/9360c0c08d91017d

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer

Response headers

content-encoding: gzip
access-control-allow-methods: *
x-content-type-options: nosniff
x-cache: MISS
date: Fri, 25 Apr 2025 20:57:34 GMT
content-type: text/plain; charset=UTF-8
x-served-by: cache-mad2200134-MAD
x-cache-hits: 0
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-timer: S1745614654.906293,VS0,VE99
access-control-allow-credentials: true
via: 1.1 varnish
cf-ray: 9360c0e34acf0356-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 25

GET
H2 200 NjNLZw.webp
itxdkqkbkbfkkktm.1tw.live/impro/4V1-1NeTwW_P32XWqPTQjuI8Txotwzy93-05NipK_YQ/resizing_type:fit/width:0/height:0/enlarge:1/quality:80/aHR0cHM6Ly9tZWR1/emEuaW8vaW1hZ2Uv/YXR0YWNobWVudHMv/aW1hZ2VzLzAxMS... 23 KB
23 KB 386ms
378ms Image
image/webp 151.101.1.91
FASTLY

General

Check archive.org

Download Go to Show image

Full URL

https://itxdkqkbkbfkkktm.1tw.live/impro/4V1-1NeTwW_P32XWqPTQjuI8Txotwzy93-05NipK_YQ/resizing_type:fit/width:0/height:0/enlarge:1/quality:80/aHR0cHM6Ly9tZWR1/emEuaW8vaW1hZ2Uv/YXR0YWNobWVudHMv/aW1hZ2VzLzAxMS8y/NzIvNDAxL3doXzgx/MF81NDAvWExtT1RT/NE4tMkY1OGptZndf/NjNLZw.webp

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0b48c26b63ed1a6613a44ba6efbf552bd3224565e1c032b67833c21637070ef7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

x-request-id: 4cb408685a7aba7708fab0bc23b0eef1
cf-cache-status: HIT
age: 36336
access-control-allow-methods: *
x-content-type-options: nosniff
expires: Sat, 25 Apr 2026 20:57:33 GMT
x-cache: MISS
date: Fri, 25 Apr 2025 20:57:33 GMT
content-type: image/webp
content-disposition: inline; filename="XLmOTS4N-2F58jmfw_63Kg.webp"
x-served-by: cache-mad2200134-MAD
last-modified: Fri, 25 Apr 2025 10:51:57 GMT
access-control-allow-headers: *
x-cache-hits: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-timer: S1745614654.906305,VS0,VE56
access-control-allow-credentials: true
via: 1.1 varnish
cf-ray: 9360c0e3089ad0a6-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23116

GET
H2 200 RlJkdw.webp
itxdkqkbkbfkkktm.1tw.live/impro/YxdDdhLygaQKCMIbL23YCQC2xDt248Y4oSZcTWlvi7Y/resizing_type:fit/width:0/height:0/enlarge:1/quality:80/aHR0cHM6Ly9tZWR1/emEuaW8vaW1hZ2Uv/YXR0YWNobWVudHMv/aW1hZ2VzLzAxMS... 66 KB
67 KB 447ms
439ms Image
image/webp 151.101.1.91
FASTLY

General

Check archive.org

Download Go to Show image

Full URL

https://itxdkqkbkbfkkktm.1tw.live/impro/YxdDdhLygaQKCMIbL23YCQC2xDt248Y4oSZcTWlvi7Y/resizing_type:fit/width:0/height:0/enlarge:1/quality:80/aHR0cHM6Ly9tZWR1/emEuaW8vaW1hZ2Uv/YXR0YWNobWVudHMv/aW1hZ2VzLzAxMS8y/NzIvMjQxL3doXzgx/MF81NDAvTS10dUpv/VkZIS0U3ZWdQOXdk/RlJkdw.webp

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ee818ce50f8df62b210b01255a70931b7512be74fb9cf4412ef6697aa409629a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

x-request-id: 89fffc84bb2cfa65fe9aca0ee4d31bf0
cf-cache-status: HIT
age: 32443
access-control-allow-methods: *
x-content-type-options: nosniff
expires: Sat, 25 Apr 2026 20:57:33 GMT
x-cache: MISS
date: Fri, 25 Apr 2025 20:57:34 GMT
content-type: image/webp
content-disposition: inline; filename="M-tuJoVFHKE7egP9wdFRdw.webp"
x-served-by: cache-mad2200134-MAD
last-modified: Fri, 25 Apr 2025 11:56:50 GMT
access-control-allow-headers: *
x-cache-hits: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-timer: S1745614654.906238,VS0,VE97
access-control-allow-credentials: true
via: 1.1 varnish
cf-ray: 9360c0e33acb0356-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 67852

GET
H2 200 aG5hZw.webp
itxdkqkbkbfkkktm.1tw.live/impro/06mHsZ1_OjurFU8eO6FA0xJz15exEHbhU2utHPpYzMg/resizing_type:fit/width:0/height:0/enlarge:1/quality:80/aHR0cHM6Ly9tZWR1/emEuaW8vaW1hZ2Uv/YXR0YWNobWVudHMv/aW1hZ2VzLzAxMS... 62 KB
63 KB 816ms
808ms Image
image/webp 151.101.1.91
FASTLY

General

Check archive.org

Download Go to Show image

Full URL

https://itxdkqkbkbfkkktm.1tw.live/impro/06mHsZ1_OjurFU8eO6FA0xJz15exEHbhU2utHPpYzMg/resizing_type:fit/width:0/height:0/enlarge:1/quality:80/aHR0cHM6Ly9tZWR1/emEuaW8vaW1hZ2Uv/YXR0YWNobWVudHMv/aW1hZ2VzLzAxMS8y/NzIvNDUyL3doXzgx/MF81NDAvZkZzZG1V/dmdxUVBuTTE0bU14/aG5hZw.webp

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e49e81ca7e3bfba5ebf93e5e0c292e799b5af1cc9772ff7aee5f6a3a68354568

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

x-request-id: f397a4f53bd4791fdd49e335d30530a2
cf-cache-status: HIT
age: 34852
access-control-allow-methods: *
x-content-type-options: nosniff
expires: Sat, 25 Apr 2026 20:57:34 GMT
x-cache: MISS
date: Fri, 25 Apr 2025 20:57:34 GMT
content-type: image/webp
content-disposition: inline; filename="fFsdmUvgqQPnM14mMxhnag.webp"
x-served-by: cache-mad2200134-MAD
last-modified: Fri, 25 Apr 2025 11:16:42 GMT
access-control-allow-headers: *
x-cache-hits: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-timer: S1745614654.006370,VS0,VE84
access-control-allow-credentials: true
via: 1.1 varnish
cf-ray: 9360c0e3df4b017d-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 63698

GET
H2 200 X2ktQQ.webp
itxdkqkbkbfkkktm.1tw.live/impro/I_9LUk7P_arvRdePk4djiGrkSecn8J8EUj_AFSkQtDc/resizing_type:fit/width:0/height:0/enlarge:1/quality:80/aHR0cHM6Ly9tZWR1/emEuaW8vaW1hZ2Uv/YXR0YWNobWVudHMv/aW1hZ2VzLzAxMS... 104 KB
104 KB 960ms
953ms Image
image/webp 151.101.1.91
FASTLY

General

Check archive.org

Download Go to Show image

Full URL

https://itxdkqkbkbfkkktm.1tw.live/impro/I_9LUk7P_arvRdePk4djiGrkSecn8J8EUj_AFSkQtDc/resizing_type:fit/width:0/height:0/enlarge:1/quality:80/aHR0cHM6Ly9tZWR1/emEuaW8vaW1hZ2Uv/YXR0YWNobWVudHMv/aW1hZ2VzLzAxMS8y/NzEvODY0L3doXzYx/NV80MTAvSGVXQ0FR/ai0xY2hBUThLT2Qt/X2ktQQ.webp

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b1e57fc184d0762095759eb4539a75c81cbe7f84234fd982c9ffa12dac6d8ad1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

x-request-id: d22f64edcff7c9d58cf923d87e6dba6b
cf-cache-status: HIT
age: 40959
access-control-allow-methods: *
x-content-type-options: nosniff
expires: Sat, 25 Apr 2026 20:57:34 GMT
x-cache: MISS
date: Fri, 25 Apr 2025 20:57:34 GMT
content-type: image/webp
content-disposition: inline; filename="HeWCAQj-1chAQ8KOd-_i-A.webp"
x-served-by: cache-mad2200134-MAD
last-modified: Fri, 25 Apr 2025 09:34:55 GMT
access-control-allow-headers: *
x-cache-hits: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-timer: S1745614654.006369,VS0,VE86
access-control-allow-credentials: true
via: 1.1 varnish
cf-ray: 9360c0e3dc1e74f3-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 106110

GET
H2 200 M005UQ.webp
itxdkqkbkbfkkktm.1tw.live/impro/Y-PHwkLYnPTHXLq7C4UEvAdI5Nj_VU_1KXnGM8Gc-8s/resizing_type:fit/width:0/height:0/enlarge:1/quality:80/aHR0cHM6Ly9tZWR1/emEuaW8vaW1hZ2Uv/YXR0YWNobWVudHMv/aW1hZ2VzLzAxMS... 80 KB
81 KB 999ms
992ms Image
image/webp 151.101.1.91
FASTLY

General

Check archive.org

Download Go to Show image

Full URL

https://itxdkqkbkbfkkktm.1tw.live/impro/Y-PHwkLYnPTHXLq7C4UEvAdI5Nj_VU_1KXnGM8Gc-8s/resizing_type:fit/width:0/height:0/enlarge:1/quality:80/aHR0cHM6Ly9tZWR1/emEuaW8vaW1hZ2Uv/YXR0YWNobWVudHMv/aW1hZ2VzLzAxMS8y/NzIvMzQ1L3doXzYx/NV80MTAveUhpcTdB/clRMaXhyUV8tTUw5/M005UQ.webp

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9c055de670be6d73a89788858d38815c4623525cbc4024ad4182094935d3497c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

x-request-id: ea857750221d4abc16f89b23adc32e4c
cf-cache-status: HIT
age: 35306
access-control-allow-methods: *
x-content-type-options: nosniff
expires: Sat, 25 Apr 2026 20:57:34 GMT
x-cache: MISS
date: Fri, 25 Apr 2025 20:57:34 GMT
content-type: image/webp
content-disposition: inline; filename="yHiq7ArTLixrQ_-ML93M9Q.webp"
x-served-by: cache-mad2200134-MAD
last-modified: Fri, 25 Apr 2025 11:09:08 GMT
access-control-allow-headers: *
x-cache-hits: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-timer: S1745614654.006232,VS0,VE91
access-control-allow-credentials: true
via: 1.1 varnish
cf-ray: 9360c0e3d8966f1c-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 81974

GET
H2 200 WGlDUQ.webp
itxdkqkbkbfkkktm.1tw.live/impro/crdWKQiaMYuEhTfslaOpCoATHxqWwNzO2Merzfaj4tA/resizing_type:fit/width:0/height:0/enlarge:1/quality:80/aHR0cHM6Ly9tZWR1/emEuaW8vaW1hZ2Uv/YXR0YWNobWVudHMv/aW1hZ2VzLzAxMS... 64 KB
65 KB 788ms
781ms Image
image/webp 151.101.1.91
FASTLY

General

Check archive.org

Download Go to Show image

Full URL

https://itxdkqkbkbfkkktm.1tw.live/impro/crdWKQiaMYuEhTfslaOpCoATHxqWwNzO2Merzfaj4tA/resizing_type:fit/width:0/height:0/enlarge:1/quality:80/aHR0cHM6Ly9tZWR1/emEuaW8vaW1hZ2Uv/YXR0YWNobWVudHMv/aW1hZ2VzLzAxMS8y/NzEvMDE2L3doXzgx/MF81NDAvbU1jbV82/WnRSZWZLQ2lRZ1lp/WGlDUQ.webp

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b73d0bf987c1b08c5625b12e05d7570437c85733d4e4b3993f8647c2cd62b91d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

x-request-id: 92b93e3aceeab0462d64946184db0cae
cf-cache-status: HIT
age: 41103
access-control-allow-methods: *
x-content-type-options: nosniff
expires: Sat, 25 Apr 2026 20:57:34 GMT
x-cache: MISS
date: Fri, 25 Apr 2025 20:57:34 GMT
content-type: image/webp
content-disposition: inline; filename="mMcm_6ZtRefKCiQgYiXiCQ.webp"
x-served-by: cache-mad2200134-MAD
last-modified: Fri, 25 Apr 2025 09:32:31 GMT
access-control-allow-headers: *
x-cache-hits: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-timer: S1745614654.006177,VS0,VE84
access-control-allow-credentials: true
via: 1.1 varnish
cf-ray: 9360c0e3da23d0a6-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 65530

GET
H2 200 a1NZdw.webp
itxdkqkbkbfkkktm.1tw.live/impro/CLyyljLs2BUfC4Q9eBruIfL_4N00OlJ9XGs7HIhYMQU/resizing_type:fit/width:0/height:0/enlarge:1/quality:80/aHR0cHM6Ly9tZWR1/emEuaW8vaW1hZ2Uv/YXR0YWNobWVudHMv/aW1hZ2VzLzAxMS... 25 KB
26 KB 617ms
610ms Image
image/webp 151.101.1.91
FASTLY

General

Check archive.org

Download Go to Show image

Full URL

https://itxdkqkbkbfkkktm.1tw.live/impro/CLyyljLs2BUfC4Q9eBruIfL_4N00OlJ9XGs7HIhYMQU/resizing_type:fit/width:0/height:0/enlarge:1/quality:80/aHR0cHM6Ly9tZWR1/emEuaW8vaW1hZ2Uv/YXR0YWNobWVudHMv/aW1hZ2VzLzAxMS8y/NjgvMjczL3doXzgx/MF81NDAvRG44SE5z/eTc2Y01jVUZjd01o/a1NZdw.webp

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

071a9e5b9fb632068d23e561808d1195431aacf784666cb26b9b9f967d50afa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

x-request-id: 11dbc909c9658a5c58cd70d123835dc9
cf-cache-status: HIT
age: 101990
access-control-allow-methods: *
x-content-type-options: nosniff
expires: Sat, 25 Apr 2026 20:57:34 GMT
x-cache: MISS
date: Fri, 25 Apr 2025 20:57:34 GMT
content-type: image/webp
content-disposition: inline; filename="Dn8HNsy76cMcUFcwMhkSYw.webp"
x-served-by: cache-mad2200134-MAD
last-modified: Thu, 24 Apr 2025 16:37:44 GMT
access-control-allow-headers: *
x-cache-hits: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-timer: S1745614654.006160,VS0,VE56
access-control-allow-credentials: true
via: 1.1 varnish
cf-ray: 9360c0e3acac494a-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 25546

GET
H2 200 VVQxUQ.webp
itxdkqkbkbfkkktm.1tw.live/impro/68SBjy42ROipl3U39iJ6GjLarBpHWsmK-opUBp4UtUA/resizing_type:fit/width:0/height:0/enlarge:1/quality:80/aHR0cHM6Ly9tZWR1/emEuaW8vaW1hZ2Uv/YXR0YWNobWVudHMv/aW1hZ2VzLzAxMS... 60 KB
61 KB 1190ms
1184ms Image
image/webp 151.101.1.91
FASTLY

General

Check archive.org

Download Go to Show image

Full URL

https://itxdkqkbkbfkkktm.1tw.live/impro/68SBjy42ROipl3U39iJ6GjLarBpHWsmK-opUBp4UtUA/resizing_type:fit/width:0/height:0/enlarge:1/quality:80/aHR0cHM6Ly9tZWR1/emEuaW8vaW1hZ2Uv/YXR0YWNobWVudHMv/aW1hZ2VzLzAxMS8y/NzEvNzY4L3doXzgx/MF81NDAvaW5TcVdL/ZHRkZm93UmxuZ1FC/VVQxUQ.webp

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4f878695c0ac4c70315bd2cfb216fce98ae777ebb0251117379a819989abad18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

x-request-id: 109aa1b7d8d00e541d6d1f63fdafb8f7
cf-cache-status: HIT
age: 37833
access-control-allow-methods: *
x-content-type-options: nosniff
expires: Sat, 25 Apr 2026 20:57:34 GMT
x-cache: MISS
date: Fri, 25 Apr 2025 20:57:34 GMT
content-type: image/webp
content-disposition: inline; filename="inSqWKdtdfowRlngQBUT1Q.webp"
x-served-by: cache-mad2200134-MAD
last-modified: Fri, 25 Apr 2025 10:27:01 GMT
access-control-allow-headers: *
x-cache-hits: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-timer: S1745614654.006113,VS0,VE94
access-control-allow-credentials: true
via: 1.1 varnish
cf-ray: 9360c0e3dc2074f3-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 61472

GET
H2 200 hvIhWwl8zRLVuLKAdhJSiQ.jpg
itxdkqkbkbfkkktm.1tw.live/image/attachment_overrides/images/011/272/511/ov/ 73 KB
73 KB 1141ms
1135ms Image
image/jpeg 151.101.1.91
FASTLY

General

Check archive.org

Download Go to Show image

Full URL

https://itxdkqkbkbfkkktm.1tw.live/image/attachment_overrides/images/011/272/511/ov/hvIhWwl8zRLVuLKAdhJSiQ.jpg

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8b1137114add7bf056983ec4748e7f746a083869fd6ac8597a02fc366ae77368

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

cf-bgj: h2pri
cf-cache-status: HIT
age: 27872
etag: "072381738e1216ca6d942a880c7e892e"
access-control-allow-methods: *
x-content-type-options: nosniff
x-cache: MISS
date: Fri, 25 Apr 2025 20:57:34 GMT
content-type: image/jpeg
last-modified: Fri, 25 Apr 2025 12:36:55 GMT
x-served-by: cache-mad2200134-MAD
x-cache-hits: 0
x-amz-id-2: E6TJU5HF8aO4Qf0CeXfvLRKGU4voaBC1UssqSuS35h3JFQBMsDpAjSQoo6bq35OtvI8cTb2geTc=
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-timer: S1745614654.006081,VS0,VE93
access-control-allow-credentials: true
via: 1.1 varnish
cf-ray: 9360c0e3dc1d74f3-CDG
x-amz-request-id: 0Y8ATXEZ3C97WB8G
accept-ranges: bytes
access-control-allow-origin: *
content-length: 74428

GET
H2 200 cEdqbVEuanBn.webp
itxdkqkbkbfkkktm.1tw.live/impro/YTyJ14F5V1sKcS42eaOrvuos4bO5PhRGpqpGLyTArA8/resizing_type:fit/width:0/height:0/enlarge:1/quality:80/aHR0cHM6Ly9tZWR1/emEuaW8vaW1hZ2Uv/YXR0YWNobWVudF9v/dmVycmlkZXMvaW... 114 KB
114 KB 860ms
854ms Image
image/webp 151.101.1.91
FASTLY

General

Check archive.org

Download Go to Show image

Full URL

https://itxdkqkbkbfkkktm.1tw.live/impro/YTyJ14F5V1sKcS42eaOrvuos4bO5PhRGpqpGLyTArA8/resizing_type:fit/width:0/height:0/enlarge:1/quality:80/aHR0cHM6Ly9tZWR1/emEuaW8vaW1hZ2Uv/YXR0YWNobWVudF9v/dmVycmlkZXMvaW1h/Z2VzLzAxMS8yNjgv/MjIwL292L3NyWkRQ/ZG5ad2xOY3NzNkdZ/cEdqbVEuanBn.webp

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4fa8d8128d3fa87755a640ba82398bb998b84862a4d060cc2e0d79c68e17e67f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

x-request-id: d2a629d353926f0c8131b66601800d04
cf-cache-status: HIT
age: 127511
access-control-allow-methods: *
x-content-type-options: nosniff
expires: Sat, 25 Apr 2026 20:57:34 GMT
x-cache: MISS
date: Fri, 25 Apr 2025 20:57:34 GMT
content-type: image/webp
content-disposition: inline; filename="srZDPdnZwlNcss6GYpGjmQ.webp"
x-served-by: cache-mad2200134-MAD
last-modified: Thu, 24 Apr 2025 09:32:23 GMT
access-control-allow-headers: *
x-cache-hits: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-timer: S1745614654.006042,VS0,VE85
access-control-allow-credentials: true
via: 1.1 varnish
cf-ray: 9360c0e3da22d0a6-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 116254

GET
H2 200 SWlMVlEuanBn.webp
itxdkqkbkbfkkktm.1tw.live/impro/GIDwJjLPlI80pxuoUw8FKF1-1q9om485d___wa_kas0/resizing_type:fit/width:0/height:0/enlarge:1/quality:80/aHR0cHM6Ly9tZWR1/emEuaW8vaW1hZ2Uv/YXR0YWNobWVudF9v/dmVycmlkZXMvaW... 19 KB
19 KB 1022ms
1017ms Image
image/webp 151.101.1.91
FASTLY

General

Check archive.org

Download Go to Show image

Full URL

https://itxdkqkbkbfkkktm.1tw.live/impro/GIDwJjLPlI80pxuoUw8FKF1-1q9om485d___wa_kas0/resizing_type:fit/width:0/height:0/enlarge:1/quality:80/aHR0cHM6Ly9tZWR1/emEuaW8vaW1hZ2Uv/YXR0YWNobWVudF9v/dmVycmlkZXMvaW1h/Z2VzLzAxMS8yNzEv/NjgxL292L1BhRXI5/NE5TaU5ialZVT2Y1/SWlMVlEuanBn.webp

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

295164633bf2d16f748af0791cf10bc9e3c41c181b75600680076d9ffa078534

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

x-request-id: 8817c41ebc0f55cb6b5a8a9af28573ff
cf-cache-status: HIT
age: 41094
access-control-allow-methods: *
x-content-type-options: nosniff
expires: Sat, 25 Apr 2026 20:57:34 GMT
x-cache: MISS
date: Fri, 25 Apr 2025 20:57:34 GMT
content-type: image/webp
content-disposition: inline; filename="PaEr94NSiNbjVUOf5IiLVQ.webp"
x-served-by: cache-mad2200134-MAD
last-modified: Fri, 25 Apr 2025 09:32:40 GMT
access-control-allow-headers: *
x-cache-hits: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-timer: S1745614654.005993,VS0,VE91
access-control-allow-credentials: true
via: 1.1 varnish
cf-ray: 9360c0e3da21d0a6-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 19246

GET
H2 200 Vmc0dw.webp
itxdkqkbkbfkkktm.1tw.live/impro/RRG-_GMeNE2c6joUw9Il2ZAQNcq9bm3Z1dTRF_8sj-4/resizing_type:fit/width:0/height:0/enlarge:1/quality:80/aHR0cHM6Ly9tZWR1/emEuaW8vaW1hZ2Uv/YXR0YWNobWVudHMv/aW1hZ2VzLzAxMS... 23 KB
23 KB 734ms
730ms Image
image/webp 151.101.1.91
FASTLY

General

Check archive.org

Download Go to Show image

Full URL

https://itxdkqkbkbfkkktm.1tw.live/impro/RRG-_GMeNE2c6joUw9Il2ZAQNcq9bm3Z1dTRF_8sj-4/resizing_type:fit/width:0/height:0/enlarge:1/quality:80/aHR0cHM6Ly9tZWR1/emEuaW8vaW1hZ2Uv/YXR0YWNobWVudHMv/aW1hZ2VzLzAxMS8y/NjkvODg2L3doXzgx/MF81NDAveDFsRl9W/dlVvdWVvbE9pZFpm/Vmc0dw.webp

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7dcdf786bc12740d1625b940cf6f561ceff86b781041751b094f55e96a7aa56a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

x-request-id: 4345506ebefdc2bf7e06d09a4e41fd29
cf-cache-status: HIT
age: 108550
access-control-allow-methods: *
x-content-type-options: nosniff
expires: Sat, 25 Apr 2026 20:57:34 GMT
x-cache: MISS
date: Fri, 25 Apr 2025 20:57:34 GMT
content-type: image/webp
content-disposition: inline; filename="x1lF_VvUoueolOidZfVg4w.webp"
x-served-by: cache-mad2200134-MAD
last-modified: Thu, 24 Apr 2025 14:48:24 GMT
access-control-allow-headers: *
x-cache-hits: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-timer: S1745614654.005986,VS0,VE82
access-control-allow-credentials: true
via: 1.1 varnish
cf-ray: 9360c0e3df21e8ce-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23070

GET
H2 200 UzRxdw.webp
itxdkqkbkbfkkktm.1tw.live/impro/QmVAGu5DvIYxgkfw_nosZv_TYah--9c8fIAp_3SgYl8/resizing_type:fit/width:0/height:0/enlarge:1/quality:80/aHR0cHM6Ly9tZWR1/emEuaW8vaW1hZ2Uv/YXR0YWNobWVudHMv/aW1hZ2VzLzAxMS... 30 KB
30 KB 877ms
873ms Image
image/webp 151.101.1.91
FASTLY

General

Check archive.org

Download Go to Show image

Full URL

https://itxdkqkbkbfkkktm.1tw.live/impro/QmVAGu5DvIYxgkfw_nosZv_TYah--9c8fIAp_3SgYl8/resizing_type:fit/width:0/height:0/enlarge:1/quality:80/aHR0cHM6Ly9tZWR1/emEuaW8vaW1hZ2Uv/YXR0YWNobWVudHMv/aW1hZ2VzLzAxMS8y/NjIvNzUyL3doXzgx/MF81NDAvdGtTS2ZH/bWZmd1IxVmtFdS1t/UzRxdw.webp

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c511d303e687a3af7b647a200b6ac311d771e9ab6b548a62984bdb8a87fc718f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

x-request-id: 75a58526b43bfa1828574ec129a5c8ad
cf-cache-status: HIT
age: 55716
access-control-allow-methods: *
x-content-type-options: nosniff
expires: Sat, 25 Apr 2026 20:57:34 GMT
x-cache: MISS
date: Fri, 25 Apr 2025 20:57:34 GMT
content-type: image/webp
content-disposition: inline; filename="tkSKfGmffwR1VkEu-mS4qw.webp"
x-served-by: cache-mad2200134-MAD
last-modified: Fri, 25 Apr 2025 05:28:58 GMT
access-control-allow-headers: *
x-cache-hits: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-timer: S1745614654.005964,VS0,VE85
access-control-allow-credentials: true
via: 1.1 varnish
cf-ray: 9360c0e3da1ed0a6-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30370

GET
H2 200 VHc1WUEucG5n.webp
itxdkqkbkbfkkktm.1tw.live/impro/ribEpEqlB_L1Q3YZTRI4W9HF7VCbvUCnEGMdxG9_Ryo/resizing_type:fit/width:0/height:0/enlarge:1/quality:95/aHR0cHM6Ly9tZWR1/emEuaW8vaW1hZ2Uv/YXR0YWNobWVudF9v/dmVycmlkZXMvaW... 57 KB
58 KB 1138ms
1135ms Image
image/webp 151.101.1.91
FASTLY

General

Check archive.org

Download Go to Show image

Full URL

https://itxdkqkbkbfkkktm.1tw.live/impro/ribEpEqlB_L1Q3YZTRI4W9HF7VCbvUCnEGMdxG9_Ryo/resizing_type:fit/width:0/height:0/enlarge:1/quality:95/aHR0cHM6Ly9tZWR1/emEuaW8vaW1hZ2Uv/YXR0YWNobWVudF9v/dmVycmlkZXMvaW1h/Z2VzLzAxMS8yNjkv/NzU1L292LzZ2LWh2/ZHZpWUlWNXhyT2g2/VHc1WUEucG5n.webp

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3013f870a237d15ca6b9ad1053b3e761b2918a84f992a1228ecdef4b5b01a295

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

x-request-id: 3c8c16810fdc0e6cdaeac82d56e6b989
cf-cache-status: HIT
age: 95826
access-control-allow-methods: *
x-content-type-options: nosniff
expires: Sat, 25 Apr 2026 20:57:34 GMT
x-cache: MISS
date: Fri, 25 Apr 2025 20:57:34 GMT
content-type: image/webp
content-disposition: inline; filename="6v-hvdviYIV5xrOh6Tw5YA.webp"
x-served-by: cache-mad2200134-MAD
last-modified: Thu, 24 Apr 2025 18:20:28 GMT
access-control-allow-headers: *
x-cache-hits: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-timer: S1745614654.009648,VS0,VE90
access-control-allow-credentials: true
via: 1.1 varnish
cf-ray: 9360c0e3dc2774f3-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 58340

GET
H2 200 Ri1Wdw.webp
itxdkqkbkbfkkktm.1tw.live/impro/WvqIr2ppK2MEAtLOzkeQ1Zp5fV_0OuSRQEQSdnhuDUs/resizing_type:fit/width:0/height:0/enlarge:1/quality:80/aHR0cHM6Ly9tZWR1/emEuaW8vaW1hZ2Uv/YXR0YWNobWVudHMv/aW1hZ2VzLzAxMS... 56 KB
57 KB 760ms
757ms Image
image/webp 151.101.1.91
FASTLY

General

Check archive.org

Download Go to Show image

Full URL

https://itxdkqkbkbfkkktm.1tw.live/impro/WvqIr2ppK2MEAtLOzkeQ1Zp5fV_0OuSRQEQSdnhuDUs/resizing_type:fit/width:0/height:0/enlarge:1/quality:80/aHR0cHM6Ly9tZWR1/emEuaW8vaW1hZ2Uv/YXR0YWNobWVudHMv/aW1hZ2VzLzAxMS8y/NjkvMzI5L3doXzgx/MF81NDAvZThtcmdI/ZnBBUkt5OTlKcm1k/Ri1Wdw.webp

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

02ea21217addf4a8ad005ceff0b3cabc2aa622a4cdec3429ccf2b44eca860c92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

x-request-id: 540cd073d1039017773ea1c80990559f
cf-cache-status: HIT
age: 115800
access-control-allow-methods: *
x-content-type-options: nosniff
expires: Sat, 25 Apr 2026 20:57:34 GMT
x-cache: MISS
date: Fri, 25 Apr 2025 20:57:34 GMT
content-type: image/webp
content-disposition: inline; filename="e8mrgHfpARKy99JrmdF-Vw.webp"
x-served-by: cache-mad2200134-MAD
last-modified: Thu, 24 Apr 2025 12:47:34 GMT
access-control-allow-headers: *
x-cache-hits: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-timer: S1745614654.009642,VS0,VE80
access-control-allow-credentials: true
via: 1.1 varnish
cf-ray: 9360c0e3dd0a494a-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 57178

GET
H2 200 b0xMZw.webp
itxdkqkbkbfkkktm.1tw.live/impro/BhzH6tngKu5uv6zPqiDMB7tJlVMP41BcFPuLe3gFZuo/resizing_type:fit/width:0/height:0/enlarge:1/quality:80/aHR0cHM6Ly9tZWR1/emEuaW8vaW1hZ2Uv/YXR0YWNobWVudHMv/aW1hZ2VzLzAxMS... 40 KB
41 KB 732ms
729ms Image
image/webp 151.101.1.91
FASTLY

General

Check archive.org

Download Go to Show image

Full URL

https://itxdkqkbkbfkkktm.1tw.live/impro/BhzH6tngKu5uv6zPqiDMB7tJlVMP41BcFPuLe3gFZuo/resizing_type:fit/width:0/height:0/enlarge:1/quality:80/aHR0cHM6Ly9tZWR1/emEuaW8vaW1hZ2Uv/YXR0YWNobWVudHMv/aW1hZ2VzLzAxMS8y/NzAvNTY2L3doXzgx/MF81NDAvMndvVnFP/TnhXUllLVDFTdFND/b0xMZw.webp

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fd10957f8a2117f59f6914b35e2fdadb34a2f2abf5bc14df42e97913996ebd8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

x-request-id: 1cbb04e913ad0a2d8f80f4fcb7d1370f
cf-cache-status: HIT
age: 99757
access-control-allow-methods: *
x-content-type-options: nosniff
expires: Sat, 25 Apr 2026 20:57:34 GMT
x-cache: MISS
date: Fri, 25 Apr 2025 20:57:34 GMT
content-type: image/webp
content-disposition: inline; filename="2woVqONxWRYKT1StSCoLLg.webp"
x-served-by: cache-mad2200134-MAD
last-modified: Thu, 24 Apr 2025 17:14:57 GMT
access-control-allow-headers: *
x-cache-hits: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-timer: S1745614654.009619,VS0,VE66
access-control-allow-credentials: true
via: 1.1 varnish
cf-ray: 9360c0e3b87a6f1c-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 41182

GET
H2 200 WXY4dw.webp
itxdkqkbkbfkkktm.1tw.live/impro/wXDqdy8EW3A7cDdT9_1m7CD9nrQNR0PvIcEuWLmlLC0/resizing_type:fit/width:0/height:0/enlarge:1/quality:80/aHR0cHM6Ly9tZWR1/emEuaW8vaW1hZ2Uv/YXR0YWNobWVudHMv/aW1hZ2VzLzAxMS... 21 KB
22 KB 1037ms
1035ms Image
image/webp 151.101.1.91
FASTLY

General

Check archive.org

Download Go to Show image

Full URL

https://itxdkqkbkbfkkktm.1tw.live/impro/wXDqdy8EW3A7cDdT9_1m7CD9nrQNR0PvIcEuWLmlLC0/resizing_type:fit/width:0/height:0/enlarge:1/quality:80/aHR0cHM6Ly9tZWR1/emEuaW8vaW1hZ2Uv/YXR0YWNobWVudHMv/aW1hZ2VzLzAxMS8y/NzAvMTQ4L3doXzgx/MF81NDAvaFQ4bjZW/Y0NicS1CYjdvRENI/WXY4dw.webp

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d30c6332c187ffc9b924406bea9b88163b99d817b876ed7c232eff249e2f80d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

x-request-id: 01d23156b44501f0c3e46b7fd3cc2bab
cf-cache-status: HIT
age: 104820
access-control-allow-methods: *
x-content-type-options: nosniff
expires: Sat, 25 Apr 2026 20:57:34 GMT
x-cache: MISS
date: Fri, 25 Apr 2025 20:57:34 GMT
content-type: image/webp
content-disposition: inline; filename="hT8n6VcCbq-Bb7oDCHYv8w.webp"
x-served-by: cache-mad2200134-MAD
last-modified: Thu, 24 Apr 2025 15:50:34 GMT
access-control-allow-headers: *
x-cache-hits: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-timer: S1745614654.009586,VS0,VE89
access-control-allow-credentials: true
via: 1.1 varnish
cf-ray: 9360c0e3d89d6f1c-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21504

GET
DATA 200
OK truncated
/ 381 B
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 965c46ea31b84ec46ded4aef42fa1fb134780f0289d466bbb5b55ee2fcff8e60

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 285 B
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1045777e79e140ede7096005c80df6b400baa084df62fbef4498ccea80a65808

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 74 B
74 B Font
font/woff

General

Check archive.org

Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ce31fd636694280099991ac3b345e7760c4021f96d414ff8d4e92b68cc5de9d2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://itxdkqkbkbfkkktm.1tw.live
Referer

Response headers

Content-Type: font/woff

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/w0_qmZVSdobukXrBwYd9dTF7/ 638 KB
271 KB 395ms
130ms Script
text/javascript 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/w0_qmZVSdobukXrBwYd9dTF7/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcM0iEfAAAAABz-lMzNTBlz9P1H-5yeCkeJJhJD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

336e6c582c23dc0fb67e2ad68159cfceebee4409a0fb47b51a4323f447bee396

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://itxdkqkbkbfkkktm.1tw.live
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

content-encoding: gzip
age: 112432
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Fri, 24 Apr 2026 13:43:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Apr 2025 13:43:42 GMT
last-modified: Mon, 21 Apr 2025 02:01:58 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 276952
x-xss-protection: 0
server: sffe

GET
H2 200 1a69ebd3376f08388c67.png
itxdkqkbkbfkkktm.1tw.live/image/attachments/banners/ 51 KB
52 KB 780ms
780ms Image
image/png 151.101.1.91
FASTLY

General

Check archive.org

Download Go to Show image

Full URL

https://itxdkqkbkbfkkktm.1tw.live/image/attachments/banners/1a69ebd3376f08388c67.png

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

11121ec8bb0e5880167c79ff1cf3f2a9707ab7138bc4078eec59c118b150683a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

cf-cache-status: HIT
etag: "10f1d9fb22fd2b14ae7359c82e0dcabc"
age: 394066
access-control-allow-methods: *
x-content-type-options: nosniff
x-cache: MISS
date: Fri, 25 Apr 2025 20:57:34 GMT
content-type: image/png
last-modified: Tue, 24 Dec 2024 14:12:52 GMT
x-served-by: cache-mad2200134-MAD
x-cache-hits: 0
x-amz-id-2: 287YCCfChQCWm0J2Y1RVhV6ZWc+eSuDmRR7zhW0a0JKcmsAzhmxJAzNX/4jSxmkofzdq9GfBUuY=
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-timer: S1745614654.009562,VS0,VE85
access-control-allow-credentials: true
via: 1.1 varnish
cf-ray: 9360c0e3db3e0356-CDG
x-amz-request-id: RSEXN7VQ5YF2BR7Q
accept-ranges: bytes
access-control-allow-origin: *
content-length: 52062

GET
H3 200 a
www.googletagmanager.com/ 0
14 B 158ms
158ms Image
text/html 142.250.65.232
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.232 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

report-to: {"group":"ascgcycc:884:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:884:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:884:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:884:0
content-length: 0
date: Fri, 25 Apr 2025 20:57:33 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H2 200 firebase-messaging-compat.js Show response
www.gstatic.com/firebasejs/9.3.0/ 37 KB
10 KB 133ms
132ms Script
text/javascript 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/firebasejs/9.3.0/firebase-messaging-compat.js

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a84c27ad4383b76c14814a378b84cb7b92369723bde3929f0bfcefb2156a512a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

content-encoding: gzip
age: 178873
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options: nosniff
expires: Thu, 23 Apr 2026 19:16:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Apr 2025 19:16:21 GMT
last-modified: Mon, 08 Nov 2021 19:51:49 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9830
x-xss-protection: 0
server: sffe

GET
H3 200 firebase-auth-compat.js Show response
www.gstatic.com/firebasejs/9.3.0/ 120 KB
35 KB 133ms
133ms Script
text/javascript 142.250.65.195
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/firebasejs/9.3.0/firebase-auth-compat.js

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.195 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f3.1e100.net

Software

sffe /

Resource Hash

a52599bf129f3cd1eaf1a5c85bc03b02d7395f16b39adae7ac9e280e84340170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

content-encoding: gzip
age: 244421
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options: nosniff
expires: Thu, 23 Apr 2026 01:03:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Apr 2025 01:03:53 GMT
last-modified: Mon, 08 Nov 2021 19:51:34 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges: bytes
access-control-allow-origin: *
content-length: 35463
x-xss-protection: 0
server: sffe

GET
H3 200 firebase-firestore-compat.js Show response
www.gstatic.com/firebasejs/9.3.0/ 271 KB
82 KB 132ms
132ms Script
text/javascript 142.250.65.195
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/firebasejs/9.3.0/firebase-firestore-compat.js

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.195 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f3.1e100.net

Software

sffe /

Resource Hash

dd7bdb7642114d6522f7514b5de23e77943f6c3e4025c4e49a2afd1d7a1e1154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

content-encoding: gzip
age: 177889
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options: nosniff
expires: Thu, 23 Apr 2026 19:32:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Apr 2025 19:32:45 GMT
last-modified: Mon, 08 Nov 2021 19:51:51 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges: bytes
access-control-allow-origin: *
content-length: 83810
x-xss-protection: 0
server: sffe

GET
H3 200 a
www.googletagmanager.com/ 0
14 B 161ms
160ms Image
text/html 142.250.65.232
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.232 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

report-to: {"group":"ascgcycc:884:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:884:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:884:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:884:0
content-length: 0
date: Fri, 25 Apr 2025 20:57:34 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H3 200 firebase-functions-compat.js Show response
www.gstatic.com/firebasejs/9.3.0/ 8 KB
3 KB 136ms
134ms Script
text/javascript 142.250.65.195
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/firebasejs/9.3.0/firebase-functions-compat.js

Requested by

Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.195 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f3.1e100.net

Software

sffe /

Resource Hash

6080d71572a29c7ba8a65fe688366482aa8244e838da0d49ce0579c29aba70a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

content-encoding: gzip
age: 211675
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options: nosniff
expires: Thu, 23 Apr 2026 10:09:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Apr 2025 10:09:39 GMT
last-modified: Mon, 08 Nov 2021 19:51:51 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3122
x-xss-protection: 0
server: sffe

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame ECBD 7 KB
1 KB 291ms
153ms Document
text/html 142.250.65.164
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcM0iEfAAAAABz-lMzNTBlz9P1H-5yeCkeJJhJD&co=aHR0cHM6Ly9pdHhka3FrYmtiZmtra3RtLjF0dy5saXZlOjQ0Mw..&hl=en&v=w0_qmZVSdobukXrBwYd9dTF7&size=invisible&cb=k38y9boo2ht4

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/w0_qmZVSdobukXrBwYd9dTF7/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.164 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f4.1e100.net

Software

ESF /

Resource Hash

e3e1ba8c7b11919bece35a83f3c938e86f1e0e92f0479b3fc4409282679a7f2f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qx90QoIqtidCIDRNNsPLng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itxdkqkbkbfkkktm.1tw.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-qx90QoIqtidCIDRNNsPLng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Fri, 25 Apr 2025 20:57:35 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/w0_qmZVSdobukXrBwYd9dTF7/ Frame ECBD 77 KB
42 KB 392ms
128ms Stylesheet
text/css 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/w0_qmZVSdobukXrBwYd9dTF7/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcM0iEfAAAAABz-lMzNTBlz9P1H-5yeCkeJJhJD&co=aHR0cHM6Ly9pdHhka3FrYmtiZmtra3RtLjF0dy5saXZlOjQ0Mw..&hl=en&v=w0_qmZVSdobukXrBwYd9dTF7&size=invisible&cb=k38y9boo2ht4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58c977f54c8a264a97b1508fea7a3f7248c8a0d1da4b29062a30cdfcbb550c97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.google.com/

Response headers

content-encoding: gzip
age: 162010
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Thu, 23 Apr 2026 23:57:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Apr 2025 23:57:25 GMT
last-modified: Mon, 21 Apr 2025 02:01:58 GMT
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
content-length: 42056
x-xss-protection: 0
server: sffe

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/w0_qmZVSdobukXrBwYd9dTF7/ Frame ECBD 638 KB
271 KB 567ms
303ms Script
text/javascript 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/w0_qmZVSdobukXrBwYd9dTF7/recaptcha__en.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

336e6c582c23dc0fb67e2ad68159cfceebee4409a0fb47b51a4323f447bee396

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.google.com/

Response headers

content-encoding: gzip
age: 112433
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Fri, 24 Apr 2026 13:43:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Apr 2025 13:43:42 GMT
last-modified: Mon, 21 Apr 2025 02:01:58 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 276952
x-xss-protection: 0
server: sffe

GET
H2 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame ECBD 2 KB
2 KB 131ms
129ms Image
image/png 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/w0_qmZVSdobukXrBwYd9dTF7/styles__ltr.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.gstatic.com/recaptcha/releases/w0_qmZVSdobukXrBwYd9dTF7/styles__ltr.css

Response headers

age: 200658
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Wed, 30 Apr 2025 13:13:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Apr 2025 13:13:18 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
cache-control: public, max-age=604800
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
content-length: 2228
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame ECBD 15 KB
15 KB 274ms
133ms Font
font/woff2 172.217.165.131
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.165.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s70-in-f3.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://www.google.com
Referer: https://www.google.com/

Response headers

age: 162343
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 23 Apr 2026 23:51:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Apr 2025 23:51:53 GMT
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15344
x-xss-protection: 0
server: sffe

OPTIONS
H2 200 rum
cloudflareinsights.com/cdn-cgi/ Frame 0
0 216ms
69ms Preflight
text/plain 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cloudflareinsights.com/cdn-cgi/rum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://itxdkqkbkbfkkktm.1tw.live
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://itxdkqkbkbfkkktm.1tw.live
access-control-max-age: 86400
cf-ray: 9360c0f4db5e7c3b-LAX
content-encoding: gzip
content-type: text/plain
date: Fri, 25 Apr 2025 20:57:36 GMT
server: cloudflare
vary: Origin
x-content-type-options: nosniff
x-frame-options: DENY

POST rum
cloudflareinsights.com/cdn-cgi/ 0
0

GET
H2 200 favicon.ico
itxdkqkbkbfkkktm.1tw.live/ 562 B
1 KB 301ms
301ms Other
image/x-icon 151.101.1.91
FASTLY

General

Check archive.org

Download Go to

Full URL

https://itxdkqkbkbfkkktm.1tw.live/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c3e3116ba5f138bb791d03d5a395a230da4db8f425c82f38cf8e20e329a553b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 11136
access-control-allow-methods: *
x-content-type-options: nosniff
expires: Fri, 25 Apr 2025 20:58:06 GMT
x-cache: MISS
date: Fri, 25 Apr 2025 20:57:36 GMT
content-type: image/x-icon
last-modified: Fri, 22 Nov 2024 10:28:58 GMT
x-served-by: cache-mad2200134-MAD
x-cache-hits: 0
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cache-control: public, max-age=30
x-timer: S1745614657.708007,VS0,VE85
access-control-allow-credentials: true
via: 1.1 varnish
cf-ray: 9360c0f4be6d6f1c-CDG
accept-ranges: bytes
access-control-allow-origin: *

GET
H2 200 favicon-32x32.png
itxdkqkbkbfkkktm.1tw.live/ 513 B
1 KB 278ms
278ms Other
image/png 151.101.1.91
FASTLY

General

Check archive.org

Download Go to

Full URL

https://itxdkqkbkbfkkktm.1tw.live/favicon-32x32.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

492caeb49caceaed31835d7e9ce56192667cb3fe34c2d2bc2b1eb084b4955f7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

cf-cache-status: HIT
age: 9996
access-control-allow-methods: *
x-content-type-options: nosniff
expires: Fri, 25 Apr 2025 20:58:07 GMT
x-cache: MISS
date: Fri, 25 Apr 2025 20:57:37 GMT
content-type: image/png
last-modified: Mon, 13 Jan 2025 11:20:27 GMT
x-served-by: cache-mad2200134-MAD
x-cache-hits: 0
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cache-control: public, max-age=30
x-timer: S1745614657.018128,VS0,VE62
access-control-allow-credentials: true
via: 1.1 varnish
cf-ray: 9360c0f67fe46f1c-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 513

GET
H3 200 a
www.googletagmanager.com/ 0
14 B 157ms
157ms Image
text/html 142.250.65.232
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.232 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

report-to: {"group":"ascgcycc:884:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:884:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:884:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:884:0
content-length: 0
date: Fri, 25 Apr 2025 20:57:37 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 145ms
144ms Fetch
text/plain 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-L0LHMYHRHJ&gtm=45je54n0v9130927134za200&_p=1745614649169&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103130495~103130497~103200004&ni=1&cid=833582264.1745614654&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAAAAI&_s=2&dl=%2F&sid=1745614653&sct=1&seg=0&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%E2%80%94%20Meduza&en=banner_view&_ee=1&ep.event_category=banner_view&ep.banner_position=top&ep.banner_id=L8mSWjDWpZu9tVT8QxA6I&ep.dimension1=mirror&_et=336&tfd=11210
Requested by: Host: itxdkqkbkbfkkktm.1tw.live
URL: https://itxdkqkbkbfkkktm.1tw.live/932.eeefd793b9e83e7b3ac6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://itxdkqkbkbfkkktm.1tw.live/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:97:0
report-to: {"group":"ascnsrsggc:97:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:97:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://itxdkqkbkbfkkktm.1tw.live
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:97:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 25 Apr 2025 20:57:38 GMT
content-type: text/plain
server: Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cloudflareinsights.com
URL: https://cloudflareinsights.com/cdn-cgi/rum

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.1tw.live/	1970-01-21 14:29:34	Name: _ga Value: GA1.1.833582264.1745614654
			.1tw.live/	1970-01-21 14:29:34	Name: _ga_L0LHMYHRHJ Value: GS1.1.1745614653.1.0.1745614653.0.0.0

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://itxdkqkbkbfkkktm.1tw.live/(Line 201) Message: Failed to decode downloaded font: data:font/woff;base64,ZXhwb3J0IGRlZmF1bHQgX193ZWJwYWNrX3B1YmxpY19wYXRoX18gKyAiZm9udHMvUHJveGltYU5vdmEtUmVndWxhci12MS53b2ZmIjs=
other	warning	URL: https://itxdkqkbkbfkkktm.1tw.live/(Line 201) Message: OTS parsing error: invalid sfntVersion: 1702391919
other	warning	URL: https://itxdkqkbkbfkkktm.1tw.live/(Line 201) Message: Failed to decode downloaded font: data:font/woff;base64,ZXhwb3J0IGRlZmF1bHQgX193ZWJwYWNrX3B1YmxpY19wYXRoX18gKyAiZm9udHMvUEZSZWdhbFRleHRQcm8tUmVndWxhckItdjEud29mZiI7
other	warning	URL: https://itxdkqkbkbfkkktm.1tw.live/(Line 201) Message: OTS parsing error: invalid sfntVersion: 1702391919
other	warning	URL: https://itxdkqkbkbfkkktm.1tw.live/(Line 201) Message: Failed to decode downloaded font: data:font/woff;base64,ZXhwb3J0IGRlZmF1bHQgX193ZWJwYWNrX3B1YmxpY19wYXRoX18gKyAiZm9udHMvUHJveGltYU5vdmEtU2VtaWJvbGQtdjEud29mZiI7
other	warning	URL: https://itxdkqkbkbfkkktm.1tw.live/(Line 201) Message: OTS parsing error: invalid sfntVersion: 1702391919
other	warning	URL: https://itxdkqkbkbfkkktm.1tw.live/ Message: Failed to decode downloaded font: data:font/woff;base64,ZXhwb3J0IGRlZmF1bHQgX193ZWJwYWNrX3B1YmxpY19wYXRoX18gKyAiZm9udHMvUEZSZWdhbFRleHRQcm8tUmVndWxhckItdjEud29mZiI7
other	warning	URL: https://itxdkqkbkbfkkktm.1tw.live/ Message: OTS parsing error: invalid sfntVersion: 1702391919
other	warning	URL: https://itxdkqkbkbfkkktm.1tw.live/ Message: Failed to decode downloaded font: data:font/woff;base64,ZXhwb3J0IGRlZmF1bHQgX193ZWJwYWNrX3B1YmxpY19wYXRoX18gKyAiZm9udHMvUHJveGltYU5vdmEtUmVndWxhci12MS53b2ZmIjs=
other	warning	URL: https://itxdkqkbkbfkkktm.1tw.live/ Message: OTS parsing error: invalid sfntVersion: 1702391919
other	warning	URL: https://itxdkqkbkbfkkktm.1tw.live/ Message: Failed to decode downloaded font: data:font/woff;base64,ZXhwb3J0IGRlZmF1bHQgX193ZWJwYWNrX3B1YmxpY19wYXRoX18gKyAiZm9udHMvUHJveGltYU5vdmEtU2VtaWJvbGQtdjEud29mZiI7
other	warning	URL: https://itxdkqkbkbfkkktm.1tw.live/ Message: OTS parsing error: invalid sfntVersion: 1702391919
other	warning	URL: https://itxdkqkbkbfkkktm.1tw.live/ Message: Failed to decode downloaded font: data:font/woff;base64,ZXhwb3J0IGRlZmF1bHQgX193ZWJwYWNrX3B1YmxpY19wYXRoX18gKyAiZm9udHMvUHJveGltYU5vdmEtQm9sZC12MS53b2ZmIjs=
other	warning	URL: https://itxdkqkbkbfkkktm.1tw.live/ Message: OTS parsing error: invalid sfntVersion: 1702391919
other	warning	URL: https://itxdkqkbkbfkkktm.1tw.live/ Message: Failed to decode downloaded font: data:font/woff;base64,ZXhwb3J0IGRlZmF1bHQgX193ZWJwYWNrX3B1YmxpY19wYXRoX18gKyAiZm9udHMvUHJveGltYU5vdmEtQm9sZC12MS53b2ZmIjs=
other	warning	URL: https://itxdkqkbkbfkkktm.1tw.live/ Message: OTS parsing error: invalid sfntVersion: 1702391919
javascript	error	URL: https://itxdkqkbkbfkkktm.1tw.live/ Message: Access to XMLHttpRequest at 'https://cloudflareinsights.com/cdn-cgi/rum' from origin 'https://itxdkqkbkbfkkktm.1tw.live' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://cloudflareinsights.com/cdn-cgi/rum Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
cloudflareinsights.com
fonts.gstatic.com
itxdkqkbkbfkkktm.1tw.live
sessions.bugsnag.com
static.cloudflareinsights.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
cloudflareinsights.com
104.17.24.14
142.250.65.164
142.250.65.195
142.250.65.232
151.101.1.91
172.217.165.131
2600:1901:0:7a0b::
2606:4700::6810:4f49
2606:4700::6810:5049
2607:f8b0:4006:817::2008
2607:f8b0:4006:81f::200e
2607:f8b0:4006:821::2003
00e008a660501b4eb1705e2cad06fedfccce93fea45c4caeff656b43fbd13e9e
02ea21217addf4a8ad005ceff0b3cabc2aa622a4cdec3429ccf2b44eca860c92
071a9e5b9fb632068d23e561808d1195431aacf784666cb26b9b9f967d50afa9
0b48c26b63ed1a6613a44ba6efbf552bd3224565e1c032b67833c21637070ef7
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0fc120d06e68442af0517fb9708fd752a71bdf74c5d14b4239fe69c72c136e7e
1045777e79e140ede7096005c80df6b400baa084df62fbef4498ccea80a65808
11121ec8bb0e5880167c79ff1cf3f2a9707ab7138bc4078eec59c118b150683a
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
266f38f4e05fe9f0a18d85528105db5e76c537c5caac8f261591ffa88378870f
28b6f65233b9c77e068bcb0a90c9b307c37bd60925d139bfc762fbc55c1f92db
295164633bf2d16f748af0791cf10bc9e3c41c181b75600680076d9ffa078534
2a9f331b63c1a59fb0907a3211c4bdfdee6c56f91723b93182f7fe2049e63248
2fb3dc869ee9393f05e358029f944351a2c8da2f91baac946c480a6534dca4fd
2fc6c9c215b3e0a6679182c9cac54a7f45b79219e7343a963409460fa0cf19ec
3013f870a237d15ca6b9ad1053b3e761b2918a84f992a1228ecdef4b5b01a295
30d53925d829e38a0180533da856d0a2fdaeaf0d2935efa61bf64b92ea590104
336e6c582c23dc0fb67e2ad68159cfceebee4409a0fb47b51a4323f447bee396
3971c28a63085a68d431c770533d68199b23c1ed4b03cd1e14149c1349336d65
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
47b9a70094107e5c81f341816eb26e5167b25a03f4d53550b8fd3497c8d13d9e
49213740829b288ad83ff9d52b5b7f73ffc9fbbd2e62625e01097c011fc11a88
492caeb49caceaed31835d7e9ce56192667cb3fe34c2d2bc2b1eb084b4955f7e
4f878695c0ac4c70315bd2cfb216fce98ae777ebb0251117379a819989abad18
4fa8d8128d3fa87755a640ba82398bb998b84862a4d060cc2e0d79c68e17e67f
523cd2508d2ee7a4cef0a179cc1ace23db6985394cab03761f50bd59d49564fe
54dea0ee9d11947a4ae9e051990d72e0422440a8f461f6e6b856e049c2855eed
58c977f54c8a264a97b1508fea7a3f7248c8a0d1da4b29062a30cdfcbb550c97
5c3cd4732a788a77e00fad92f415209756011d18fa4680513723fe8d67b92617
6080d71572a29c7ba8a65fe688366482aa8244e838da0d49ce0579c29aba70a3
6398193f4e25ab3c5d0df434c7cdd8605e612678c310834998c7b209f73f5af8
64d77b7e334d5da9ce7f685466181ed3ab4de44296d569ee695acad0917bccd8
68ce996c5dacfad2230689f6527c11ec0bed90a09e0c545f57c6f69e5fb2eb58
6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2
77f5d740f899d2e51cb05f8022d26656ffd7d10103f86bbaed7446bffed68f46
7cb9838034adc5ed44c507aaf332d3dd8bd38cb6990727f9f36be27b736f857c
7dcdf786bc12740d1625b940cf6f561ceff86b781041751b094f55e96a7aa56a
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8b1137114add7bf056983ec4748e7f746a083869fd6ac8597a02fc366ae77368
940189b09f28918e469fd871fb4bb22e1d63cab8697a971fce46a83c97a22a06
964079431a293076cc26df79c8fc8687560813ff98148c187ec350b4b7e6ba31
965c46ea31b84ec46ded4aef42fa1fb134780f0289d466bbb5b55ee2fcff8e60
9ac8cb420c6c23b93a9b0b6adccfbd21504a73d96b605d10038e6587db1a2df6
9c055de670be6d73a89788858d38815c4623525cbc4024ad4182094935d3497c
a12b7cb43c9d9134b5bb1b35e9096b66775d9e92e7611d1cc92b02edd6782a87
a52599bf129f3cd1eaf1a5c85bc03b02d7395f16b39adae7ac9e280e84340170
a728b74b8c139c6f1ddd7f73d08940f27a648fbbf84b91dbb94bf96fe6d4ad0a
a84c27ad4383b76c14814a378b84cb7b92369723bde3929f0bfcefb2156a512a
a9fdaff8a0dfde1eda3edb250158d05a15286017b528c60336053606ae54870a
b1e57fc184d0762095759eb4539a75c81cbe7f84234fd982c9ffa12dac6d8ad1
b26739ee1658cfb5ea7a54b4999323de14bf431045db55535cd265d36a12ef8b
b337e901e816e392981542727f1de98a2721a5d72d9ff64b3de7a3049b20c621
b73d0bf987c1b08c5625b12e05d7570437c85733d4e4b3993f8647c2cd62b91d
c3e3116ba5f138bb791d03d5a395a230da4db8f425c82f38cf8e20e329a553b1
c511d303e687a3af7b647a200b6ac311d771e9ab6b548a62984bdb8a87fc718f
cda8ac1bb0b9ed6bf7e5481606d436eab01e045a51dc8bd57088b9a3738afb05
ce31fd636694280099991ac3b345e7760c4021f96d414ff8d4e92b68cc5de9d2
d150c6ce6c6cc8f6204dde0740172c2d3bc76c2e9c7a47a25129874deca31e1b
d30c6332c187ffc9b924406bea9b88163b99d817b876ed7c232eff249e2f80d9
d5411b1b78966d0d70eaaedb17dce7c34e691c08137794aa9b91548e15f6cfd2
da3016b61e31ba73e7a8e57eb3f7acd006ce2794c22a4c0b816147488a0e33e5
dbbadea3254500f3a6c7c138e6022c835b3e68714ae65529d410d4a13f5043cd
dd7bdb7642114d6522f7514b5de23e77943f6c3e4025c4e49a2afd1d7a1e1154
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e1ba8c7b11919bece35a83f3c938e86f1e0e92f0479b3fc4409282679a7f2f
e49e81ca7e3bfba5ebf93e5e0c292e799b5af1cc9772ff7aee5f6a3a68354568
ee818ce50f8df62b210b01255a70931b7512be74fb9cf4412ef6697aa409629a
fd10957f8a2117f59f6914b35e2fdadb34a2f2abf5bc14df42e97913996ebd8d

itxdkqkbkbfkkktm.1tw.live Open in urlscan Pro 151.101.1.91 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

75 Requests

97 %HTTPS

50 %IPv6

8 Domains

10 Subdomains

13 IPs

2 Countries

3332 kBTransfer

6000 kBSize

2 Cookies

18 Outgoing links

Redirected requests

75 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

itxdkqkbkbfkkktm.1tw.live Open in urlscan Pro
151.101.1.91 Public Scan

Screenshot
Live screenshot

Full Image

75
Requests

97 %
HTTPS

50 %
IPv6

8
Domains

10
Subdomains

13
IPs

2
Countries

3332 kB
Transfer

6000 kB
Size

2
Cookies

75 HTTP transactions
7 data transactions