gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
104.243.38.18 Public Scan Open in urlscan Pro

Go To Rescan
Add Verdict Report

URL:
https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/ 9mo old
Submission: On July 09 via api (July 9th 2025, 12:54:14 pm UTC) from US — Scanned from DE

Summary HTTP 139 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 30 IPs in 5 countries across 29 domains to perform 139 HTTP transactions. The main IP is 104.243.38.18, located in Piscataway, United States and belongs to RELIABLESITE, US. The main domain is gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org. 9mo old
TLS certificate: Issued by E6 on July 9th 2025. Valid for: 3mo.

This is the only time gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 31	104.243.38.18 104.243.38.18	23470 (RELIABLESITE) (RELIABLESITE)
5	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:10c9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:1862	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
6	104.237.132.182 104.237.132.182	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1	2606:4700:303... 2606:4700:3033::6815:5c21	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	2606:4700:303... 2606:4700:3035::6815:142	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6812:1f31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
2 8	2606:4700:303... 2606:4700:3033::ac43:cd8d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	159.65.211.77 159.65.211.77	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
2	35.244.193.51 35.244.193.51	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	54.194.198.116 54.194.198.116	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:10:... 2606:4700:10::ac43:17ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	162.19.138.118 162.19.138.118	16276 (OVH OVH SAS) (OVH OVH SAS)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:10:... 2606:4700:10::6816:4ad8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.36.200.111 34.36.200.111	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2606:4700:10:... 2606:4700:10::ac43:b78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
1	57.129.85.132 57.129.85.132	16276 (OVH OVH SAS) (OVH OVH SAS)
3	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
139	30

31 104.243.38.18 (Piscataway, United States) 1 redirects

ASN23470 (RELIABLESITE, US)

gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org 9mo old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

5 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com 56yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2606:4700::6812:10c9 (None, )

ASN13335 (CLOUDFLARENET, US)

acscdn.com 6yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a06:98c1:3121::3 (None, )

ASN13335 (CLOUDFLARENET, US)

partner.senty.com.au 1yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2606:4700::6812:1862 (None, )

ASN13335 (CLOUDFLARENET, US)

youradexchange.com 12yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

6 104.237.132.182 (Richardson, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 104-237-132-182.ip.linodeusercontent.com

stats.senty.com.au 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2606:4700:3033::6815:5c21 (None, )

ASN13335 (CLOUDFLARENET, US)

usrpubtrk.com 10mo old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

18 2606:4700:3035::6815:142 (None, )

ASN13335 (CLOUDFLARENET, US)

fontgenerator.cc 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com 56yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
t1.gstatic.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com 56yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

6 2606:4700::6811:190e (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 2606:4700::6812:1f31 (None, )

ASN13335 (CLOUDFLARENET, US)

stpd.cloud 6yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

7 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com 56yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

8 2606:4700:3033::ac43:cd8d (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

app.tinyadz.com 1yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 159.65.211.77 (Slough, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)

cdn4.buysellads.net 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
srv.buysellads.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 35.244.193.51 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.193.244.35.bc.googleusercontent.com

lexicon.33across.com 5yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 54.194.198.116 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-198-116.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net 5yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2606:4700:10::ac43:17ea (None, )

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt 4yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2606:4700:20::681a:8a9 (None, )

ASN13335 (CLOUDFLARENET, US)

script.4dex.io 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 2606:4700:10::6816:4ad8 (None, )

ASN13335 (CLOUDFLARENET, US)

btloader.com 6yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 34.36.200.111 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 111.200.36.34.bc.googleusercontent.com

ag.dns-finder.com 1yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 2606:4700:10::ac43:b78 (None, )

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 142.250.184.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

ad.doubleclick.net 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 57.129.85.132 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns3249663.ip-57-129-85.eu

lb.eu-1-id5-sync.com 4yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 130.211.23.194 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com 5yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
31	duckdns.org 1 redirects gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org 9mo old	490 KB
18	fontgenerator.cc fontgenerator.cc 7yr old	113 KB
9	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 266 9yr old ad.doubleclick.net — Cisco Umbrella Rank: 183 9yr old	227 KB
8	tinyadz.com 2 redirects app.tinyadz.com — Cisco Umbrella Rank: 262263 1yr old	9 KB
7	btloader.com btloader.com — Cisco Umbrella Rank: 966 6yr old api.btloader.com — Cisco Umbrella Rank: 1163 5yr old	29 KB
7	senty.com.au partner.senty.com.au 1yr old stats.senty.com.au — Cisco Umbrella Rank: 650845 2yr old	7 KB
6	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 253 13yr old	95 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 74 56yr old	6 KB
4	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1107 9yr old	945 B
4	stpd.cloud stpd.cloud — Cisco Umbrella Rank: 55435 6yr old	142 KB
4	gstatic.com fonts.gstatic.com 9yr old t1.gstatic.com 9yr old	27 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 78 56yr old
2	dns-finder.com ag.dns-finder.com — Cisco Umbrella Rank: 1234 1yr old	233 B
2	buysellads.com srv.buysellads.com — Cisco Umbrella Rank: 31214 9yr old	154 B
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 4438 8yr old	20 KB
2	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 551 9yr old	1 KB
2	ad.gt id.hadron.ad.gt — Cisco Umbrella Rank: 2060 4yr old	276 B
2	crwdcntrl.net id.crwdcntrl.net — Cisco Umbrella Rank: 2452 5yr old	639 B
2	33across.com lexicon.33across.com — Cisco Umbrella Rank: 1661 5yr old	250 B
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 322 13yr old	1 KB
2	buysellads.net cdn4.buysellads.net — Cisco Umbrella Rank: 37378 9yr old	179 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 65 56yr old	134 KB
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 997 4yr old	346 B
1	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 5 56yr old	19 B
1	usrpubtrk.com usrpubtrk.com — Cisco Umbrella Rank: 19516 10mo old	636 B
1	youradexchange.com youradexchange.com — Cisco Umbrella Rank: 22055 12yr old
1	acscdn.com acscdn.com — Cisco Umbrella Rank: 26726 6yr old	44 KB
0	googlesyndication.com Failed pagead2.googlesyndication.com Failed 9yr old
0	criteo.com Failed gum.criteo.com Failed 9yr old
139	29

	Domain	Requested by
31	gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org	1 redirects gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
18	fontgenerator.cc	partner.senty.com.au fontgenerator.cc
8	app.tinyadz.com	2 redirects fontgenerator.cc app.tinyadz.com
7	securepubads.g.doubleclick.net	fontgenerator.cc securepubads.g.doubleclick.net cdn4.buysellads.net
6	cdnjs.cloudflare.com	fontgenerator.cc
6	stats.senty.com.au	partner.senty.com.au stats.senty.com.au fontgenerator.cc
5	fonts.googleapis.com	gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org fontgenerator.cc
4	ad-delivery.net	fontgenerator.cc
4	btloader.com	cdn4.buysellads.net btloader.com
4	stpd.cloud	fontgenerator.cc
3	api.btloader.com	btloader.com
3	www.google-analytics.com	gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
3	fonts.gstatic.com	fonts.googleapis.com
2	ad.doubleclick.net	fontgenerator.cc
2	ag.dns-finder.com	btloader.com
2	srv.buysellads.com	cdn4.buysellads.net
2	script.4dex.io	stpd.cloud
2	id5-sync.com	stpd.cloud
2	id.hadron.ad.gt	stpd.cloud
2	id.crwdcntrl.net	stpd.cloud
2	lexicon.33across.com	stpd.cloud
2	cdn.jsdelivr.net	stpd.cloud gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
2	cdn4.buysellads.net	fontgenerator.cc
2	www.googletagmanager.com	fontgenerator.cc
1	lb.eu-1-id5-sync.com	stpd.cloud
1	t1.gstatic.com	gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
1	www.google.com	1 redirects
1	usrpubtrk.com	acscdn.com
1	youradexchange.com	acscdn.com
1	partner.senty.com.au	gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
1	acscdn.com	gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
0	pagead2.googlesyndication.com Failed	securepubads.g.doubleclick.net
0	gum.criteo.com Failed	stpd.cloud
139	33

This site contains links to these domains. Also see Links.

Domain
youradexchange.com

Subject Issuer	Validity	Valid
E6	`2025-07-09` - `2025-10-07`	3mo	crt.sh
upload.video.google.com WE2	`2025-06-23` - `2025-09-15`	3mo	crt.sh
acscdn.com WE1	`2025-05-13` - `2025-08-11`	3mo	crt.sh
partner.senty.com.au WE1	`2025-06-15` - `2025-09-13`	3mo	crt.sh
youradexchange.com WE1	`2025-06-01` - `2025-08-30`	3mo	crt.sh
*.gstatic.com WE2	`2025-06-23` - `2025-09-15`	3mo	crt.sh
stats.senty.com.au E6	`2025-05-15` - `2025-08-13`	3mo	crt.sh
usrpubtrk.com WE1	`2025-06-16` - `2025-09-14`	3mo	crt.sh
fontgenerator.cc WE1	`2025-06-12` - `2025-09-10`	3mo	crt.sh
*.google-analytics.com WE2	`2025-06-23` - `2025-09-15`	3mo	crt.sh
cdnjs.cloudflare.com WE1	`2025-05-22` - `2025-08-20`	3mo	crt.sh
stpd.cloud WE1	`2025-06-28` - `2025-09-26`	3mo	crt.sh
*.g.doubleclick.net WE2	`2025-06-23` - `2025-09-15`	3mo	crt.sh
*.cdn4.buysellads.net E5	`2025-05-14` - `2025-08-12`	3mo	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2025 Q2	`2025-06-02` - `2026-07-04`	1yr	crt.sh
lexicon.33across.com WR3	`2025-06-17` - `2025-09-15`	3mo	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M03	`2024-09-08` - `2025-10-08`	1yr	crt.sh
id.hadron.ad.gt WE1	`2025-05-14` - `2025-08-12`	3mo	crt.sh
id5-sync.com E5	`2025-07-01` - `2025-09-29`	3mo	crt.sh
script.4dex.io WE1	`2025-05-16` - `2025-08-14`	3mo	crt.sh
btloader.com WE1	`2025-06-01` - `2025-08-30`	3mo	crt.sh
*.buysellads.com E5	`2025-05-14` - `2025-08-12`	3mo	crt.sh
tinyadz.com WE1	`2025-07-07` - `2025-10-05`	3mo	crt.sh
dns-finder.com WR3	`2025-05-12` - `2025-08-10`	3mo	crt.sh
ad-delivery.net WE1	`2025-07-04` - `2025-10-02`	3mo	crt.sh
*.doubleclick.net WE2	`2025-06-23` - `2025-09-15`	3mo	crt.sh
eu-1-id5-sync.com R11	`2025-07-01` - `2025-09-29`	3mo	crt.sh
api.btloader.com WR3	`2025-05-27` - `2025-08-25`	3mo	crt.sh

This page contains 5 frames:

Primary Page: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/
Frame ID: C4E34C6CFCC195EFC86A2470FF0A803B
Requests: 37 HTTP requests in this frame

Frame: https://fontgenerator.cc/embed
Frame ID: EE1C7F9D7F5A67F41ADCAA4091DB34A1
Requests: 85 HTTP requests in this frame

Frame: https://btloader.com/trustedIframe.html?o=5102648370397184&tid=uHsqMCu7-PXFEn5Gi-97ef40468b&upapi=true
Frame ID: 487A9AB8703BE524D391B578759CDB4D
Requests: 1 HTTP requests in this frame

Frame: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/home/
Frame ID: 1A64B0081B8A3EDE5CBF165796060715
Requests: 13 HTTP requests in this frame

Frame: https://btloader.com/trustedIframe.html?o=5102648370397184&tid=zmv8P7SQaA-fdISniskB-97ef404eb1&upapi=true
Frame ID: 1BC82A5E05332A398576B23ABB89F748
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Shadow

Detected technologies

Livewire (Web frameworks) Expand

Overall confidence: 100%
Detected patterns

livewire(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

139
Requests

89 %
HTTPS

66 %
IPv6

29
Domains

33
Subdomains

30
IPs

5
Countries

1527 kB
Transfer

8576 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://youradexchange.com/ad/visit.php?al=1

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://www.google.com/s2/favicons/imgs/icons?domain=bnalk&sz=24 HTTP 301
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bnalk&size=24

Request Chain 46

https://app.tinyadz.com/scripts/ads.js?siteId=68323df081da95ab79451781 HTTP 301
https://app.tinyadz.com/scripts/v1.0/ads.js?siteId=68323df081da95ab79451781

Request Chain 79

https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/home HTTP 301
https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/home/

Request Chain 95

https://app.tinyadz.com/scripts/ads.js?siteId=68323df081da95ab79451781 HTTP 301
https://app.tinyadz.com/scripts/v1.0/ads.js?siteId=68323df081da95ab79451781

139 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/ 23 KB
7 KB 523ms
98ms Document
text/html 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 5bcae56fb9334fe8446c36552a142eab9929fe2a2c91732072dd20818c9c17dc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000
cache-control: public, max-age=604800
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
date: Wed, 09 Jul 2025 12:54:15 GMT
etag: W/"5de0-196ee8b91bb"
last-modified: Tue, 20 May 2025 16:34:06 GMT
vary: Accept-Encoding
via: 1.1 Caddy
x-powered-by: Express

GET
H2 200 autoblank.js Show response
gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/ 1 KB
721 B 112ms
108ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/autoblank.js
Requested by: Host: gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 41e9e0b7ccf8d3af68bcbb38488e18d48198ee131b2df9ff128e4e6e911099c6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
Referer: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"553-19630f6df0b"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 594
date: Wed, 09 Jul 2025 12:54:15 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 index.css
gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/css/ 12 KB
3 KB 114ms
111ms Stylesheet
text/css 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/css/index.css
Requested by: Host: gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: d4be4824499330afdd7139a22d7ad59bd2146bc17565e9ac961461388245b0dc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"2e4a-196eb5befff"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 2514
date: Wed, 09 Jul 2025 12:54:15 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 20 May 2025 01:43:13 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 themes.css
gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/css/ 3 KB
827 B 112ms
109ms Stylesheet
text/css 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/css/themes.css
Requested by: Host: gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 92335a8a579ab20778ad116b2e403ac436989b7c6b760bd9e906d451483ddb24

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"b00-196c0828a31"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 734
date: Wed, 09 Jul 2025 12:54:15 GMT
content-type: text/css; charset=utf-8
last-modified: Sun, 11 May 2025 18:01:42 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 css2
fonts.googleapis.com/ 23 KB
2 KB 42ms
19ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Open+Sans:wght@400;700&display=swap

Requested by

Host: gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

84f796be2fbef3583823bc3bae446c8ce5aa1e5b407d74cc021c22137a9ba859

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 09 Jul 2025 12:54:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 09 Jul 2025 12:54:15 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 09 Jul 2025 12:54:15 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
547 B 50ms
27ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins&display=swap

Requested by

Host: gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e970bdd269198fc1bf6183c389d2d299cf05c1e7b2076cee4fcf6ba7ac01be02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 09 Jul 2025 12:54:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 09 Jul 2025 12:54:15 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 09 Jul 2025 11:09:11 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 settings.js Show response
gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/ 4 KB
1 KB 115ms
112ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/settings.js
Requested by: Host: gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 40847f04a0b4dbacd513872a0472555bf0dd89cfcd4c7d905a0166469f80b438

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
Referer: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"1028-196bc7a5607"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 997
date: Wed, 09 Jul 2025 12:54:15 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sat, 10 May 2025 23:14:16 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 debugger.js Show response
gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/ 1 KB
498 B 116ms
113ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/debugger.js
Requested by: Host: gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 0b11eecfa382b1f2092d94e727a0145c9f6c2866e04419eef89e9bc381c7a787

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"464-19630f6df0b"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 446
date: Wed, 09 Jul 2025 12:54:15 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H3 200 ana.js Show response
gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/ 389 KB
133 KB 130ms
129ms Script
application/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL

https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/ana.js

Requested by

Host: gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

52da9eea4523d4894f5218c4e492e11eac94d625c10e7ab2136473e26c396493

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

content-encoding: zstd
report-to: {"group":"ascgcycc:1077:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1077:0"}],}
expires: Wed, 09 Jul 2025 12:54:15 GMT
date: Wed, 09 Jul 2025 12:54:15 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1077:0
via: 2.0 Caddy
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1077:0
content-length: 135913
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 aclib.js Show response
acscdn.com/script/ 143 KB
44 KB 38ms
17ms Script
text/javascript 2606:4700::6812:10c9
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://acscdn.com/script/aclib.js
Requested by: Host: gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:10c9 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2ea232bb2f4cf7d88071aea08c659f762ee01d0e0a1ed845db965d470d47396

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=tgMNqg==, md5=/VUK1moNPhi6XqiKlBCgyw==
cf-cache-status: HIT
etag: W/"fd550ad66a0d3e18ba5ea88a9410a0cb"
age: 1748
content-encoding: gzip
x-goog-stored-content-encoding: identity
expires: Wed, 09 Jul 2025 13:54:15 GMT
alt-svc: h3=":443"; ma=86400
x-goog-stored-content-length: 146925
server-timing: cfExtPri
date: Wed, 09 Jul 2025 12:54:15 GMT
content-type: text/javascript
last-modified: Thu, 03 Jul 2025 13:49:48 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-guploader-uploadid: ABgVH8-E4ZDxpEUlv2VnSbiVn8l09wMdgwi2OTK9ZYGU73tVwPrAtwjBb-D7XNjKZ2VYz-r52Akojj4
cache-control: public, max-age=3600
x-goog-storage-class: MULTI_REGIONAL
cf-ray: 95c7f8084a0dc72a-FRA
access-control-allow-origin: *
x-goog-generation: 1751550588457401
server: cloudflare

GET
H2 200 index.js Show response
gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/baremux/ 8 KB
3 KB 118ms
116ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/baremux/index.js
Requested by: Host: gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 74a76e5980403a11a657d3ad5f43ea97fae94b8d1cdec9886eb23bdbc645dbe1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cache-control: public, max-age=0
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"2123-19420c19b61"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 3161
date: Wed, 09 Jul 2025 12:54:15 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 01 Jan 2025 07:25:46 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 search.js Show response
gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/ 1004 B
486 B 115ms
113ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/search.js
Requested by: Host: gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 217bef43e1ece84e8dc9eb6f2e6629b6d24d8738c663f47f33edc697b9a097a5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"3ec-19630f6df0b"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 434
date: Wed, 09 Jul 2025 12:54:15 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 themes.js Show response
gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/ 4 KB
1 KB 116ms
114ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/themes.js
Requested by: Host: gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: e3715d1fe227e6550c249faf6362adb08c08898bc88db2192ea12b39b8be0974

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
Referer: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"116e-19630f6df0b"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 1343
date: Wed, 09 Jul 2025 12:54:15 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 options.js Show response
gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/ 4 KB
1 KB 117ms
115ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/options.js
Requested by: Host: gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: f5f36977e96a38963c796982ed3915e49673ba0b63f3d51031a1500c1f0907bd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"e89-19630f6df0b"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 1017
date: Wed, 09 Jul 2025 12:54:15 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 uv.bundle.js Show response
gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/uv/ 370 KB
109 KB 206ms
204ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/uv/uv.bundle.js
Requested by: Host: gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 24c817c4fef658a57754e07c2c89b185e9de3a2bc4261d7e863b345f27df82c4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cache-control: public, max-age=0
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"5c6cc-1932310d24f"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
date: Wed, 09 Jul 2025 12:54:15 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 13 Nov 2024 01:08:45 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 uv.config.js Show response
gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/uv/ 2 KB
904 B 205ms
203ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/uv/uv.config.js
Requested by: Host: gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: a07ed6c92587063c8a3f828c58ed8076071418ca3181e9f67817c8d5041b0c47

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cache-control: public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"710-197045adf12"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 830
date: Wed, 09 Jul 2025 12:54:15 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sat, 24 May 2025 22:12:33 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 uv.sw.js Show response
gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/uv/ 7 KB
3 KB 204ms
203ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/uv/uv.sw.js
Requested by: Host: gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: bdaf47b5db2c6b13b97a28df68b67180dc0fcda656776ae345b264c2183b9ef2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cache-control: public, max-age=0
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"1d3b-1932310d26f"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 2957
date: Wed, 09 Jul 2025 12:54:15 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 13 Nov 2024 01:08:45 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 tabs.js Show response
gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/ 15 KB
4 KB 206ms
204ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/tabs.js
Requested by: Host: gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 4e3e6b20f1eae4923f24bf1e3dab2dde56b255c331cdc17b9507e790a48cc36b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
Referer: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"3a68-196cccf5594"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
date: Wed, 09 Jul 2025 12:54:15 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 14 May 2025 03:21:02 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 bookmarks.js Show response
gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/ 4 KB
1 KB 203ms
202ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/bookmarks.js
Requested by: Host: gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 8e1c63600bf52ac2101c85ecdef6f843d1d593f6c097f32591fcfea496ec4073

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
Referer: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"f4b-19630f6df0b"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 1252
date: Wed, 09 Jul 2025 12:54:15 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H3 200 partner.js Show response
partner.senty.com.au/ 8 KB
3 KB 104ms
78ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://partner.senty.com.au/partner.js

Requested by

Host: gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b15de36af5d8f15fbcec15399552be03a05cab1c61543b0232e7e2342e76494c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

content-encoding: br
cf-cache-status: MISS
etag: W/"6fe8ec292661e1e321c7790732cb8ece"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5YGHWMdGGn8%2FEZi9Seub%2B%2FVBFew8PdDWEqk8TZ78utzBR6hE2Oo3fr76Rdcxv0ioF6OLzt0B0yjO%2FbBS7NLt2JY72fXzJ7hI9SJ%2BIBdcZ65iilybjU7pzqvLGo3p%2FUpcJNcdLS920vuA9%2BY52TBUcfIWVA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfExtPri
date: Wed, 09 Jul 2025 12:54:15 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 95c7f8085e833662-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 settings_manager.js Show response
gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/ 4 KB
1 KB 97ms
97ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/settings_manager.js
Requested by: Host: gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 8b6965a87cf7118c3c59e80a39eb18dfead63c4a4b8e0a1e0134f5842cd4d8cc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
Referer: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/autoblank.js

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"f26-19630f6df0b"
via: 1.1 Caddy
content-length: 885
date: Wed, 09 Jul 2025 12:54:15 GMT
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8

GET
H2 204 czcf.php
youradexchange.com/ad/ 0
0 164ms
138ms Fetch 2606:4700::6812:1862
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://youradexchange.com/ad/czcf.php?cz=hfjbzu6ztb&atv=62.4&chmob=%3F0
Requested by: Host: acscdn.com
URL: https://acscdn.com/script/aclib.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1862 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cf-cache-status: DYNAMIC
access-control-allow-methods: GET, POST, OPTIONS
via: 1.1 google
cf-ray: 95c7f8092e506c5f-FRA
access-control-allow-origin: *
date: Wed, 09 Jul 2025 12:54:15 GMT
server: cloudflare
access-control-allow-headers: Content-Type

GET
H3 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v23/ 8 KB
8 KB 24ms
8ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v23/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
Referer: https://fonts.googleapis.com/

Response headers

age: 104188
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 08 Jul 2026 07:57:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Jul 2025 07:57:47 GMT
last-modified: Wed, 23 Apr 2025 16:05:59 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7884
x-xss-protection: 0
server: sffe

GET
H2 200 script.outbound-links.pageview-props.tagged-events.js Show response
stats.senty.com.au/js/ 3 KB
2 KB 392ms
128ms Script
application/javascript 104.237.132.182
AKAMAI-LINODE-AP ...

General

Check archive.org

Download Go to

Full URL

https://stats.senty.com.au/js/script.outbound-links.pageview-props.tagged-events.js

Requested by

Host: partner.senty.com.au
URL: https://partner.senty.com.au/partner.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.237.132.182 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

104-237-132-182.ip.linodeusercontent.com

Software

nginx /

Resource Hash

4f6d3ce6fee0211ee389d61a9344b2f0ff30dc1f7db4e6fd9f2e9417f800afc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cache-control: public, max-age=86400, must-revalidate
content-encoding: gzip
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff, nosniff
access-control-allow-origin: *
date: Wed, 09 Jul 2025 12:54:15 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: nginx

GET
H3 200 history_helper.js Show response
gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/ 4 KB
1 KB 110ms
109ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/history_helper.js
Requested by: Host: gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 56e70443c37648d17bb54e83ae0028731328f86afb12edd626e8584718be71e0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
Referer: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/tabs.js

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
cross-origin-opener-policy: same-origin
content-encoding: gzip
etag: W/"ff4-19630f6df0b"
via: 1.1 Caddy
content-length: 960
date: Wed, 09 Jul 2025 12:54:15 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-powered-by: Express
last-modified: Sun, 13 Apr 2025 21:03:27 GMT

GET
H3 200 index.mjs Show response
gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/baremux/ 8 KB
3 KB 111ms
111ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/baremux/index.mjs
Requested by: Host: gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 731c3411d0f309309a97628ba465af31050e0866d07e116f7ea5a1c35e9b99c5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
Referer: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/tabs.js

Response headers

cache-control: public, max-age=0
cross-origin-opener-policy: same-origin
content-encoding: gzip
etag: W/"2019-19420c19b79"
via: 1.1 Caddy
content-length: 3022
date: Wed, 09 Jul 2025 12:54:15 GMT
last-modified: Wed, 01 Jan 2025 07:25:46 GMT
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8

POST
H3 204 hb.php
usrpubtrk.com/ut/ 0
636 B 159ms
137ms Ping
text/plain 2606:4700:3033::6815:5c21
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://usrpubtrk.com/ut/hb.php?cb=0.5217575520732509&v=1
Requested by: Host: acscdn.com
URL: https://acscdn.com/script/aclib.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5c21 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Content-Type: text/plain; charset=utf-8
Referer: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AlqHRuWUO9SfIl%2BFjc1dqFqd9%2BWkKGU39p0RldcN8D8eMCATjpw%2FSY%2F7xL0Ea931YosafLzIGt5K3vg4Lg1R4f3pA0fsUXy7tRwk58cIp9aNb5jrU3%2BHP7O7%2FGJo1OWLLImyuVB7npIWAbXz"}],"group":"cf-nel","max_age":604800}
via: 1.1 google
cf-ray: 95c7f80a7dd15d79-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6494&min_rtt=6010&rtt_var=1222&sent=11&recv=12&lost=0&retrans=0&sent_bytes=3672&recv_bytes=4405&delivery_rate=1635565&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=15474&unsent_bytes=0&cid=9a54e145f05a037f&ts=141&inflight_dur=46&x=103"
date: Wed, 09 Jul 2025 12:54:15 GMT
server: cloudflare

GET worker.js
gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/baremux/ 0
0

GET
H3 200 broken-sites Show response
gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/v1/api/ 94 B
246 B 106ms
106ms Fetch
application/json 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/v1/api/broken-sites
Requested by: Host: gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/tabs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 78ffd9f0246c62c5eb5c262ca1bb2d09797c85c7bac3ed6f92d416efab022c8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

via: 1.1 Caddy
content-length: 94
cross-origin-opener-policy: same-origin
etag: W/"5e-ZQO/qHEjkSrxx/CBgBacXRhdjlg"
date: Wed, 09 Jul 2025 12:54:15 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express

GET
H3 200 embed Show response
fontgenerator.cc/ Frame EE1C 13 KB
6 KB 405ms
378ms Document
text/html 2606:4700:3035::6815:142
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://fontgenerator.cc/embed

Requested by

Host: partner.senty.com.au
URL: https://partner.senty.com.au/partner.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:142 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50df99b68aea2b99ad8a117f6d3ce0a5b448bd09148cbcf94eb5f63908a44f66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, must-revalidate, no-cache, no-store, private
cf-cache-status: DYNAMIC
cf-ray: 95c7f80b483c4d91-FRA
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Wed, 09 Jul 2025 12:54:15 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GSpM4K7PuzIYbgA5hVIM7ZEPl0tr1ruePy4i9yuCwXrT3r3kUfdEtFH3lTqnxPxD2jOW3oqWMiCh5Q%2F2ohcUqeLG0qp5pNupTMc8srR%2F6r9ezUH71AuNep4Tl1NB6Yb%2FYkGlQXtEBEhPd0Vs40tp"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=5976&min_rtt=5791&rtt_var=863&sent=11&recv=11&lost=0&retrans=0&sent_bytes=3704&recv_bytes=3375&delivery_rate=1007656&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=15483&unsent_bytes=0&cid=a0113127b3d9a336&ts=385&inflight_dur=51&x=103"
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

404

faviconV2
t1.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons/imgs/icons?domain=bnalk&sz=24
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bnalk&size=24

726 B
917 B

46ms
16ms

Image
image/png

2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bnalk&size=24

Requested by

Host: gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Protocol

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 726
date: Wed, 09 Jul 2025 12:54:15 GMT
x-xss-protection: 0
content-type: image/png
server: sffe

Redirect headers

cache-control: public, max-age=1800
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bnalk&size=24
age: 210
x-content-type-options: nosniff
expires: Wed, 09 Jul 2025 13:20:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 325
x-xss-protection: 0
date: Wed, 09 Jul 2025 12:50:45 GMT
content-type: text/html; charset=UTF-8
server: sffe

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 48ms
15ms Fetch
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-NCTSG4T1B6&gtm=45je5771v9138172222za204&_p=1752065655180&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104630776~104630778~104684208~104684211~104718208~104839054~104839056~104885889~104885891~104909302~104909304&cid=1129975605.1752065656&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1752065655&sct=1&seg=0&dl=https%3A%2F%2Fgofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org%2F&dt=Shadow&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1227
Requested by: Host: gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/ana.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:102:0
report-to: {"group":"ascnsrsggc:102:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:102:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:102:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 09 Jul 2025 12:54:15 GMT
content-type: text/plain
server: Golfe2

POST
H2 202 event Show response
stats.senty.com.au/api/ 2 B
220 B 384ms
129ms XHR
text/plain 104.237.132.182
AKAMAI-LINODE-AP ...

General

Check archive.org

Download Go to

Full URL: https://stats.senty.com.au/api/event
Requested by: Host: stats.senty.com.au
URL: https://stats.senty.com.au/js/script.outbound-links.pageview-props.tagged-events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.237.132.182 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 104-237-132-182.ip.linodeusercontent.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

x-request-id: GFCWbnADHjhO5o4Msq_R
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 2
date: Wed, 09 Jul 2025 12:54:16 GMT
content-type: text/plain; charset=utf-8
server: nginx

GET
H2 200 css2
fonts.googleapis.com/ Frame EE1C 8 KB
2 KB 51ms
23ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans&family=Ubuntu:wght@500&display=swap

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d8e3783dafaec68331904ad2dcec69ba0e18c55290155020a063afe70938220a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 09 Jul 2025 12:54:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 09 Jul 2025 12:54:15 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 09 Jul 2025 12:54:15 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 mdb.min.css
cdnjs.cloudflare.com/ajax/libs/mdb-ui-kit/7.1.0/ Frame EE1C 368 KB
36 KB 56ms
20ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mdb-ui-kit/7.1.0/mdb.min.css

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1562c1b6966919f59dad5ce26d7ce05a4ecdfc4e6f7f9b8d1d6fa826508794cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "656db89f-8cd9"
age: 496912
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ge%2F27AvmFsxBYcz%2Fy8NOn5vQz3o%2BNzG2XNZXJsEi%2FFA4NsRlG82oaW10Ag0Gu%2BYHwjjlevQTR5eu7UzLPsI90Mi3oabz0WOQmKtt%2BLMQ0Sx9GKzUlAcz9%2FSvBKSZFscA5sHtCbUWyYWh%2FRI8Ly80tZTU"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 29 Jun 2026 12:54:16 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 09 Jul 2025 12:54:16 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 04 Dec 2023 11:31:43 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 95c7f80de9141bcf-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 36057
server: cloudflare

GET
H3 200 style.css
fontgenerator.cc/ Frame EE1C 14 KB
4 KB 34ms
31ms Stylesheet
text/css 2606:4700:3035::6815:142
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://fontgenerator.cc/style.css

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:142 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d35a7ee5aac9714da95d1a4f632cdb97d560a5ecf5e3908a1d229bc8c1057c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/embed

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "68102ad2-3910"
age: 1331
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6WaTO8YlkjP0qwJaM7BM67km%2BOkE7Xy8Pqyh21kYElezqUC6Reu66KQqKh6WoJ4qPCIvhpBdjCfNA%2BBV5YPKoZmLeu%2BlN%2FzGZ9QzMP452ROea%2Ft2rmmYinnCOtmoPUmF4Zne%2F9jxLq%2FJ1Iz%2Bgmen"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6095&min_rtt=5791&rtt_var=561&sent=33&recv=20&lost=0&retrans=0&sent_bytes=25788&recv_bytes=5450&delivery_rate=3074034&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=21426&unsent_bytes=0&cid=a0113127b3d9a336&ts=426&inflight_dur=65&x=103"
date: Wed, 09 Jul 2025 12:54:15 GMT
content-type: text/css
last-modified: Tue, 29 Apr 2025 01:26:42 GMT
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 95c7f80db8454d91-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 toastr.min.css
fontgenerator.cc/ Frame EE1C 7 KB
4 KB 35ms
33ms Stylesheet
text/css 2606:4700:3035::6815:142
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://fontgenerator.cc/toastr.min.css

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:142 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10d159adb573ca535b8275f1d27dc8d60fffd9678ee3b5f1a0f7b4be4a77342f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/embed

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "67e1e2bb-1a55"
age: 6405
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s8yq8NiW0d%2Fc5faVa8p3kH6ezFn2bMH6GNLxWO6gHN58ZlzmqWLeVnNEaE%2F2I98ikSsYd6EeTigYmq2t9pqoG5SVE5EXTyicEpl4Mnl5QWAlRejDVcwE6lPKiAf8ceK6g59lwKGFKjgV4S8IQbWP"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6042&min_rtt=5791&rtt_var=408&sent=46&recv=22&lost=0&retrans=0&sent_bytes=40619&recv_bytes=5536&delivery_rate=3074034&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=26176&unsent_bytes=0&cid=a0113127b3d9a336&ts=429&inflight_dur=68&x=103"
date: Wed, 09 Jul 2025 12:54:15 GMT
content-type: text/css
last-modified: Mon, 24 Mar 2025 22:54:51 GMT
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 95c7f80db8444d91-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 inview.min.js Show response
stpd.cloud/assets/libraries/ Frame EE1C 5 KB
3 KB 77ms
20ms Script
application/javascript 2606:4700::6812:1f31
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://stpd.cloud/assets/libraries/inview.min.js

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f31 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"23df7c2f5fe3a534a7299c9c9e923fa9"
age: 1310
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hEaEMJ5UWyUciGz5l%2BACmGeoRzXgqYPWrk0OCXT%2BqqZy4POGrgHdZhe7ZvogMRSzHWZjK%2FDOcN8IeFs7ZegTidvJHM6QrbWZfAJZX6llcJMVEYwTD8zbwNzCvnMQ"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 09 Jul 2025 13:14:16 GMT
date: Wed, 09 Jul 2025 12:54:16 GMT
content-type: application/javascript
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=1200
referrer-policy: strict-origin-when-cross-origin
cf-ray: 95c7f80e1f5c7093-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame EE1C 111 KB
34 KB 50ms
23ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0490c9f4319975e560b0407a8b2e3e7fc57504b6a08cec61818fe69858ff41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

content-encoding: br
etag: 664 / 20278 / 31093296 / config-hash: 9723490315508599960
x-content-type-options: nosniff
expires: Wed, 09 Jul 2025 12:54:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 09 Jul 2025 12:54:16 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 35013
x-xss-protection: 0
server: cafe

GET
H2 200 9343 Show response
stpd.cloud/saas/ Frame EE1C 513 KB
139 KB 80ms
78ms Script
text/javascript 2606:4700::6812:1f31
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://stpd.cloud/saas/9343
Requested by: Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed15bbf4c911176993b47242f02fa0a03836b69685068e527c3bd74297fb4588

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cache-control: max-age=300
x-stpd-module-cache: HIT
content-encoding: br
cf-ray: 95c7f80e4fc77093-FRA
access-control-allow-origin: *
date: Wed, 09 Jul 2025 12:54:16 GMT
content-type: text/javascript
vary: Accept-Encoding
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame EE1C 393 KB
134 KB 62ms
37ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1B87SF7ZHT

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

810b7f307183d73fdbe7b5e899cd25137a4f2e16d6e9a02fe22a91f22abdd7bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

content-encoding: zstd
report-to: {"group":"ascgcycc:1077:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1077:0"}],}
expires: Wed, 09 Jul 2025 12:54:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 09 Jul 2025 12:54:16 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1077:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1077:0
content-length: 136314
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 script.outbound-links.pageview-props.tagged-events.js Show response
stats.senty.com.au/js/ Frame EE1C 3 KB
2 KB 386ms
130ms Script
application/javascript 104.237.132.182
AKAMAI-LINODE-AP ...

General

Check archive.org

Download Go to

Full URL

https://stats.senty.com.au/js/script.outbound-links.pageview-props.tagged-events.js

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.237.132.182 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

104-237-132-182.ip.linodeusercontent.com

Software

nginx /

Resource Hash

4f6d3ce6fee0211ee389d61a9344b2f0ff30dc1f7db4e6fd9f2e9417f800afc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cache-control: public, max-age=86400, must-revalidate
content-encoding: gzip
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff, nosniff
access-control-allow-origin: *
date: Wed, 09 Jul 2025 12:54:16 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: nginx

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ Frame EE1C 87 KB
28 KB 69ms
33ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "603e8adc-15d9d"
age: 18280
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NBPY7KdREXYNiUq5ugytQjO24V%2F44XWV9UmD2ws1pzhH6acgbXpYgKOX0Pe9DbLB2dhUd2iqFNkVv0Tl5TTtOgneOFo6gPcS69RSDNbBi6tJxsWK46OlDXI%2FHnBDKPSFgv7tbBERxypa8BXR8ZaCkOIJ"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 29 Jun 2026 12:54:16 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 09 Jul 2025 12:54:16 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 95c7f80de9181bcf-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27938
server: cloudflare

GET
H3 200 script.js Show response
fontgenerator.cc/js/ Frame EE1C 95 KB
20 KB 37ms
36ms Script
application/javascript 2606:4700:3035::6815:142
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://fontgenerator.cc/js/script.js

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:142 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19492573e99443369d3da235c38f1a430842fce993891f89054f0c7e4e4389e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/embed

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "67e356ca-17ae7"
age: 3117
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sIBFok8xiaIEImGggQcAfgceTRt9PTnSZAAIFn5mOgpdveXeBgSrsP3O3DhbEUJqe%2BhAcbqiPU3p%2FbRS%2F2KLv%2B4JMT4EpxGA2YWSqFHr7fnwpHM9pzU0MRc5uejC4OVrjBukdm2Dh2De9xi8xxvp"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6042&min_rtt=5791&rtt_var=408&sent=46&recv=22&lost=0&retrans=0&sent_bytes=40619&recv_bytes=5536&delivery_rate=3074034&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=26176&unsent_bytes=0&cid=a0113127b3d9a336&ts=431&inflight_dur=68&x=103"
date: Wed, 09 Jul 2025 12:54:15 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 26 Mar 2025 01:22:18 GMT
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 95c7f80db8434d91-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 functions.js Show response
fontgenerator.cc/js/ Frame EE1C 5 KB
2 KB 21ms
20ms Script
application/javascript 2606:4700:3035::6815:142
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://fontgenerator.cc/js/functions.js

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:142 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69d9ac5984ab481e3a40b4b75c330920e56aa12c8d37bfaccc4ab6cedcdda50f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/embed

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "67e34bc9-1275"
age: 3117
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CywbAjJr8jt%2BNSGhT7jUigp3VSVO4ch1%2F%2FLQ82OBbKRxBw0s4V2zZfg1WHaxEzYekvnAqHe2qR1RIb8lq%2FCbTPH2KslKxg6XNT4KjHcMFIZyVs1GR0778cskoNO%2B8qfP6ShQAKn8hgh2w5JY6S%2B%2B"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6095&min_rtt=5791&rtt_var=561&sent=19&recv=20&lost=0&retrans=0&sent_bytes=9693&recv_bytes=5450&delivery_rate=3074034&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=21426&unsent_bytes=0&cid=a0113127b3d9a336&ts=421&inflight_dur=61&x=103"
date: Wed, 09 Jul 2025 12:54:15 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 26 Mar 2025 00:35:21 GMT
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 95c7f80db8464d91-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 mdb.umd.min.js Show response
cdnjs.cloudflare.com/ajax/libs/mdb-ui-kit/7.1.0/ Frame EE1C 123 KB
31 KB 73ms
38ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mdb-ui-kit/7.1.0/mdb.umd.min.js

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea7fb526203a7e6eed35cc2fcdc98c76cb136dba25b23fae9e5fab3588877596

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "656db89f-7ae6"
age: 29707
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rz1Fc4kjoFmZ6RZEA%2BvhEPkaBvsG9qwvWaY3ZtWRk5TkECMxfNV1MB%2FbFAaYVo%2Fkc5a8MHf4eI0U2nonAzxpWGaSmPdXyNG1wHsGKYKADI5YGgkfGiQYuMp31QU%2F6IbeNg8ySN0gt%2BhToenxDaZoi7Fi"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 29 Jun 2026 12:54:16 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 09 Jul 2025 12:54:16 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 Dec 2023 11:31:43 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 95c7f80de91a1bcf-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 31462
server: cloudflare

GET
H3 200 toastr.min.js Show response
fontgenerator.cc/js/ Frame EE1C 5 KB
3 KB 23ms
23ms Script
application/javascript 2606:4700:3035::6815:142
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://fontgenerator.cc/js/toastr.min.js

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:142 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddb96c25de07962ffbc0243e6e68177ce74aee9fd950cb4f5d8d3c8e6c524a09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/embed

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "67e1e2bb-15a1"
age: 6119
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WnzGz49N8Vdri5ncdIr6UtnBbU%2B2Cu%2Br0ktd3cun7TVTIUxqg518V3JAvy9tLiju712o189Xlo5dXZDEKh%2BeXFtMcPT0sgQP8Y3reD9%2Brb0t7dFs4NqDFvwyKJCGB9yERDiaSFdYbkWBlTWecsEz"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6095&min_rtt=5791&rtt_var=561&sent=21&recv=20&lost=0&retrans=0&sent_bytes=12043&recv_bytes=5450&delivery_rate=3074034&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=21426&unsent_bytes=0&cid=a0113127b3d9a336&ts=422&inflight_dur=61&x=103"
date: Wed, 09 Jul 2025 12:54:15 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 24 Mar 2025 22:54:51 GMT
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 95c7f80db8474d91-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3

200

ads.js Show response
app.tinyadz.com/scripts/v1.0/ Frame EE1C
Redirect Chain

https://app.tinyadz.com/scripts/ads.js?siteId=68323df081da95ab79451781
https://app.tinyadz.com/scripts/v1.0/ads.js?siteId=68323df081da95ab79451781

7 KB
3 KB

176ms
175ms

Script
text/javascript

2606:4700:3033::ac43:cd8d
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://app.tinyadz.com/scripts/v1.0/ads.js?siteId=68323df081da95ab79451781
Requested by: Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed
Protocol: H3
Server: 2606:4700:3033::ac43:cd8d -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8538b1993b3e409b97eb358a67ea08e9b2bb9b3f645a182a38badefce054530b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
content-encoding: gzip
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gt0igxXy96YjRpN8bcy32UII2jM1jfiZ4n45JyiGf81SrCq6sgrWDnMTR2%2BjaHDHwZSMXMl1d9RLJEXH6KQqxRlRStyFbgCDeylnjoxNOPXKiqSv4CIhm7Ul9zXTj3XWuVYauitcOb6BkPWcMS4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 95c7f80e59dbd2bb-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6689&min_rtt=5830&rtt_var=1755&sent=14&recv=14&lost=0&retrans=0&sent_bytes=4501&recv_bytes=3665&delivery_rate=1082389&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=16227&unsent_bytes=0&cid=9acc700d4444f87a&ts=260&inflight_dur=53&x=103"
date: Wed, 09 Jul 2025 12:54:16 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
server: cloudflare
last-modified: Wed, 09 Jul 2025 12:54:16 GMT

Redirect headers

cache-control: max-age=14400
location: /scripts/v1.0/ads.js?siteId=68323df081da95ab79451781
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GutnwOdENzBJ%2BZt%2Fp86GOMmuioHa1EHtvMv101yNX%2BRnvcmVx6dQwTvLHDouy2mponq7YpMNNZn70JPGYUWn0C80XIXh4VEWMFT6VmKUCnldiqm1fAbaY6WvCKJKq1%2FsvsVd6DFijiH1Jd7GoSg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 95c7f80df9dad2bb-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 9
server-timing: cfL4;desc="?proto=QUIC&rtt=6788&min_rtt=5830&rtt_var=2076&sent=11&recv=11&lost=0&retrans=0&sent_bytes=3691&recv_bytes=3240&delivery_rate=1082389&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=15463&unsent_bytes=0&cid=9acc700d4444f87a&ts=70&inflight_dur=22&x=103"
date: Wed, 09 Jul 2025 12:54:16 GMT
content-type: application/json; charset=utf-8
vary: Origin, Accept-Encoding
server: cloudflare

GET
H3 200 livewire.min.js Show response
fontgenerator.cc/livewire/ Frame EE1C 144 KB
51 KB 26ms
26ms Script
application/javascript 2606:4700:3035::6815:142
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://fontgenerator.cc/livewire/livewire.min.js?id=fcf8c2ad

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:142 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf9cdad83deb13c8f283b10b732e4fd4f4908c0f2d8ac7fc2ed4685356e24c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/embed

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 6821
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8i6%2B0i0YG9hMuEi9OvR2Ze8b12%2F%2FsRfcr4luarJb%2Fo2IQtNMDKt%2FJ7tpQ0BfvQDeLUttfCVlt%2B%2Fb3%2FUuobV%2BOfrocOOuyr%2Fhl%2Bp%2FLGs6He0ZirJWG02HNgxAs7IvvmdzKehqE4LjsPKhW7U8W8HJ"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 09 Jul 2026 11:00:34 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6095&min_rtt=5791&rtt_var=561&sent=24&recv=20&lost=0&retrans=0&sent_bytes=14988&recv_bytes=5450&delivery_rate=3074034&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=21426&unsent_bytes=0&cid=a0113127b3d9a336&ts=425&inflight_dur=62&x=103"
date: Wed, 09 Jul 2025 12:54:15 GMT
last-modified: Wed, 12 Mar 2025 20:24:15 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 95c7f80db8484d91-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 fontgenerator.js Show response
cdn4.buysellads.net/pub/ Frame EE1C 701 KB
179 KB 138ms
68ms Script
application/javascript 159.65.211.77
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to

Full URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1752065400000
Requested by: Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.65.211.77 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: srv-lon1-2 /
Resource Hash: 625e266d5e517f15a1973b9d7f06ccdba9a8726e46a17801d4424b3efce98cd6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cache-control: public, max-age=3600, stale-while-revalidate
content-encoding: br
etag: f0d2bd2b580ecf448139422ad7f42487561c01e1
date: Wed, 09 Jul 2025 12:54:16 GMT
content-type: application/javascript
vary: Accept-Encoding
server: srv-lon1-2

GET
H3 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v43/ Frame EE1C 18 KB
18 KB 22ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v43/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans&family=Ubuntu:wght@500&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11c09bfb0a6a92e9cbd914a5f86731118b052d2fdef2a6a0eac31b1780d3d97b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin: https://fontgenerator.cc
Referer: https://fonts.googleapis.com/

Response headers

age: 104377
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 08 Jul 2026 07:54:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Jul 2025 07:54:39 GMT
last-modified: Wed, 28 May 2025 17:51:55 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18652
x-xss-protection: 0
server: sffe

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202507020101/ Frame EE1C 539 KB
170 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202507020101/pubads_impl.js?cb=31093296

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42553b60ce895fb08ea2c7f136ff2376d371ab27a8c4ae9d427de7b3c9472c21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

content-encoding: br
etag: 4183756661405923630
age: 17078
x-content-type-options: nosniff
expires: Thu, 09 Jul 2026 08:09:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 09 Jul 2025 08:09:38 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 173764
x-xss-protection: 0
server: cafe

GET
H3 200 gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202507080101/ Frame EE1C 64 KB
23 KB 16ms
16ms Other
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/dict/m202507080101/gpt

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26170f6e512b65921c72efdda4caa9e0a3a362a49625e5ca5e92a2efe74e7cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 8335879915435882070
age: 78777
x-content-type-options: nosniff
expires: Tue, 15 Jul 2025 15:01:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 08 Jul 2025 15:01:19 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=604800, stale-while-revalidate=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 23329
x-xss-protection: 0
server: cafe
use-as-dictionary: match="/gampad/ads", id="m202507080101"

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame EE1C 2 KB
1 KB 663ms
216ms Fetch
application/json 2a04:4e42:400::485
FASTLY

General

Check archive.org

Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20250709

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/9343

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

36de703e2f5911ab433271a452e95a337f38d2007d0a001fa2ca561e78d351df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"636-33McN8n6IlI+IkpnhIMoHaq04AM"
age: 31996
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Wed, 09 Jul 2025 12:54:16 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230103-FRA, cache-gru-sbgr1930069-GRU
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 806
x-jsd-version: 1.0.2476

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ Frame EE1C 49 B
250 B 147ms
101ms Fetch
application/json 35.244.193.51
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0010b00002bTS1QAAW&gdpr=0&src=pbjs&ver=9.27.0&coppa=0
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/9343
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 51.193.244.35.bc.googleusercontent.com
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://fontgenerator.cc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49
date: Wed, 09 Jul 2025 12:54:16 GMT
content-type: application/json
vary: origin

GET
H2 200 id Show response
id.crwdcntrl.net/ Frame EE1C 43 B
320 B 116ms
35ms Fetch
application/json 54.194.198.116
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://id.crwdcntrl.net/id?c=18013

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/9343

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.194.198.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-198-116.eu-west-1.compute.amazonaws.com

Software

Resource Hash

a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
cache-control: no-cache
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://fontgenerator.cc
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length: 43
date: Wed, 09 Jul 2025 12:54:16 GMT
content-type: application/json;charset=utf-8

GET
H2 200 pbhid Show response
id.hadron.ad.gt/api/v1/ Frame EE1C 2 B
276 B 156ms
109ms Fetch
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/pbhid?partner_id=533&_it=prebid&t=1&src=id&domain=fontgenerator.cc
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/9343
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

cache-control: max-age=604800
content-encoding: br
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
cf-ray: 95c7f8103ac9d2bf-FRA
access-control-allow-origin: *
date: Wed, 09 Jul 2025 12:54:16 GMT
content-type: application/json; charset=utf8
server: cloudflare
access-control-allow-headers: authorization,content-type

POST
H2 200 prebid Show response
id5-sync.com/api/config/ Frame EE1C 194 B
645 B 55ms
8ms Fetch
application/json 162.19.138.118
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/9343

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

734e0e4308c5fbb5999269d165b1a54cdaead6e156cf8e7b07692a15dd70bdb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://fontgenerator.cc/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://fontgenerator.cc
p3p: CP="CAO PSA OUR"
date: Wed, 09 Jul 2025 12:54:15 GMT
content-type: application/json;charset=UTF-8
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding

GET json
gum.criteo.com/sid/ Frame EE1C 0
0

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/a/latest/ Frame EE1C 61 KB
19 KB 66ms
27ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://script.4dex.io/a/latest/adagio.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/9343
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9de56ba22416192d18869051fdaa33876a9b6b3c7ed326abc7c8cc8503027797

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

Content-Encoding: br
CF-Cache-Status: HIT
ETag: W/"4ebf7042f3ba84fbe39534d4fa8c5c86"
Age: 1761291
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R522rMe04oS2s8YofJdk4N5rUPjSNfSEgI5h0tYESQcy5%2BQ5c6Uf7NsKv91ciwFZek8gqgtuBJ9bnjU%2BKkTn9j2T8H0jP7v2osq145cTnN9cDZdhajW6r8HzsHP7XMosZZKoCHaYRD5%2B9Jyh"}],"group":"cf-nel","max_age":604800}
Expires: Mon, 24 Mar 2025 20:37:34 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=7108&min_rtt=5910&rtt_var=2483&sent=6&recv=9&lost=0&retrans=0&sent_bytes=3461&recv_bytes=2306&delivery_rate=666443&cwnd=252&unsent_bytes=0&cid=9e06c5846b862214&ts=40&x=0"
Date: Wed, 09 Jul 2025 12:54:16 GMT
Content-Type: application/javascript
Last-Modified: Mon, 24 Mar 2025 20:04:09 GMT
Vary: Accept-Encoding
Transfer-Encoding: chunked
Cache-Control: public, max-age=1800
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
CF-RAY: 95c7f8103c919a30-FRA
Server: cloudflare

OPTIONS json
gum.criteo.com/sid/ Frame 0
0

GET
H2 200 tag Show response
btloader.com/ Frame EE1C 86 KB
28 KB 36ms
12ms Script
application/javascript 2606:4700:10::6816:4ad8
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1752065400000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4ad8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9a3430e17d6238991948c22e59a4119ac308daa84be92fec24814748bd51461

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

x-robots-tag: noindex, nofollow
cache-control: public, max-age=300, stale-if-error=3600, stale-while-revalidate=300
content-encoding: gzip
cf-cache-status: HIT
etag: "6f7d1031bbe7dea1ba688652bcb14ae0"
via: 1.1 google
cf-ray: 95c7f8108cedd40e-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27996
date: Wed, 09 Jul 2025 12:54:16 GMT
content-type: application/javascript
last-modified: Wed, 09 Jul 2025 12:28:12 GMT
server: cloudflare
vary: Accept-Encoding

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame EE1C 111 KB
0 0ms
0ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1752065400000

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0490c9f4319975e560b0407a8b2e3e7fc57504b6a08cec61818fe69858ff41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

content-encoding: br
etag: 664 / 20278 / 31093296 / config-hash: 9723490315508599960
x-content-type-options: nosniff
expires: Wed, 09 Jul 2025 12:54:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 09 Jul 2025 12:54:16 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 35013
x-xss-protection: 0
server: cafe

GET
H2 200 CEADK5QI.json Show response
srv.buysellads.com/ads/ Frame EE1C 0
114 B 109ms
20ms Fetch
application/json 159.65.211.77
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to

Full URL: https://srv.buysellads.com/ads/CEADK5QI.json?forcebanner=593362&ignoretargeting=yes
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1752065400000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.65.211.77 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: srv-lon1-2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

access-control-allow-origin: *
content-length: 0
date: Wed, 09 Jul 2025 12:54:16 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: srv-lon1-2
access-control-allow-headers: *

GET
H3 200 GetSiteAdConfigAPI Show response
app.tinyadz.com/api/ Frame EE1C 96 B
746 B 56ms
56ms Fetch
application/json 2606:4700:3033::ac43:cd8d
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://app.tinyadz.com/api/GetSiteAdConfigAPI?siteId=68323df081da95ab79451781&pageUrl=https%3A%2F%2Ffontgenerator.cc%2Fembed&refererUrl=https%3A%2F%2Fgofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org%2F&width=300&height=120
Requested by: Host: app.tinyadz.com
URL: https://app.tinyadz.com/scripts/v1.0/ads.js?siteId=68323df081da95ab79451781
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:cd8d -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abf9bfd998405a38e5f5f61e533e4de1298162efc4409b1f161ea04e5901c366

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=0
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rqC06X%2B%2BBEbKa926tZkqgjN143Rp1nIQrlazvvVB5067LGIUX%2BG1cGD9h6WEfnFwGlwa6iD3TaEDNHG3iqBdUDKItm0VfMFUSzYxNb5HPiwMifoJEzUUf1KwvEgFzd8defV4aiTz1NT4PqBeE%2B0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 95c7f810b9ebd2bb-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6531&min_rtt=5701&rtt_var=1241&sent=18&recv=17&lost=0&retrans=0&sent_bytes=8016&recv_bytes=4224&delivery_rate=1082389&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=19719&unsent_bytes=0&cid=9acc700d4444f87a&ts=517&inflight_dur=85&x=103"
date: Wed, 09 Jul 2025 12:54:16 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Origin
server: cloudflare

POST
H2 202 event Show response
stats.senty.com.au/api/ Frame EE1C 2 B
219 B 390ms
131ms XHR
text/plain 104.237.132.182
AKAMAI-LINODE-AP ...

General

Check archive.org

Download Go to

Full URL: https://stats.senty.com.au/api/event
Requested by: Host: stats.senty.com.au
URL: https://stats.senty.com.au/js/script.outbound-links.pageview-props.tagged-events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.237.132.182 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 104-237-132-182.ip.linodeusercontent.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://fontgenerator.cc/

Response headers

x-request-id: GFCWbpa0G9uhOl0MsrAx
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 2
date: Wed, 09 Jul 2025 12:54:16 GMT
content-type: text/plain; charset=utf-8
server: nginx

GET
H2 200 dns Show response
ag.dns-finder.com/meta/ Frame EE1C 2 B
233 B 172ms
121ms Fetch
text/plain 34.36.200.111
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://ag.dns-finder.com/meta/dns
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.36.200.111 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 111.200.36.34.bc.googleusercontent.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cache-control: private, max-age=180, stale-if-error=180, stale-while-revalidate=180
access-control-expose-headers: X-Resolver
x-resolver: default
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
date: Wed, 09 Jul 2025 12:54:16 GMT
content-type: text/plain; charset=utf-8
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ Frame EE1C 43 B
626 B 60ms
10ms Image
image/gif 2606:4700:10::ac43:b78
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:b78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

x-goog-metageneration: 5
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status: HIT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
age: 111707
x-goog-stored-content-encoding: identity
expires: Thu, 10 Jul 2025 12:54:16 GMT
x-goog-stored-content-length: 43
date: Wed, 09 Jul 2025 12:54:16 GMT
content-type: image/gif
vary: accept-encoding
last-modified: Wed, 05 May 2021 19:25:32 GMT
x-guploader-uploadid: ABgVH88YH1fcJ0zZcIzVKd1cCKgrvWiAw5d8VrInCHf82pqwFabRMdchlv7A0JuBNNgN-R4Wc2N1d8o
cache-control: public, max-age=86400
x-goog-storage-class: MULTI_REGIONAL
cf-ray: 95c7f8113cd3d2bf-FRA
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1620242732037093
content-length: 43
server: cloudflare

GET
H3 200 favicon.ico
ad.doubleclick.net/ Frame EE1C 1 KB
130 B 54ms
8ms Image
image/x-icon 142.250.184.230
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

content-encoding: gzip
age: 67073
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Wed, 09 Jul 2025 18:16:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Jul 2025 18:16:23 GMT
last-modified: Tue, 08 May 2012 13:08:06 GMT
content-type: image/x-icon
vary: Accept-Encoding
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 104
x-xss-protection: 0
server: sffe

GET
H2 200 px.gif
ad-delivery.net/ Frame EE1C 43 B
110 B 60ms
11ms Image
image/gif 2606:4700:10::ac43:b78
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.8785786269013168
Requested by: Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:b78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

x-goog-metageneration: 5
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status: HIT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
age: 111707
x-goog-stored-content-encoding: identity
expires: Thu, 10 Jul 2025 12:54:16 GMT
x-goog-stored-content-length: 43
date: Wed, 09 Jul 2025 12:54:16 GMT
content-type: image/gif
vary: accept-encoding
last-modified: Wed, 05 May 2021 19:25:32 GMT
x-guploader-uploadid: ABgVH88YH1fcJ0zZcIzVKd1cCKgrvWiAw5d8VrInCHf82pqwFabRMdchlv7A0JuBNNgN-R4Wc2N1d8o
cache-control: public, max-age=86400
x-goog-storage-class: MULTI_REGIONAL
cf-ray: 95c7f8113cd5d2bf-FRA
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1620242732037093
content-length: 43
server: cloudflare

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ Frame EE1C 56 B
346 B 62ms
9ms Fetch
application/json 57.129.85.132
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/9343

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

57.129.85.132 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns3249663.ip-57-129-85.eu

Software

Resource Hash

026d0d5e5368e24d1b1f8ffac708b90a6141a0afa791a5a2eec54fb5dd5eec16

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://fontgenerator.cc
content-encoding: gzip
date: Wed, 09 Jul 2025 12:54:16 GMT
content-type: application/json;charset=UTF-8
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding

POST
H3 419 update Show response
fontgenerator.cc/livewire/ Frame EE1C 6 KB
7 KB 196ms
195ms Fetch
text/html 2606:4700:3035::6815:142
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://fontgenerator.cc/livewire/update
Requested by: Host: fontgenerator.cc
URL: https://fontgenerator.cc/livewire/livewire.min.js?id=fcf8c2ad
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:142 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 215f7f231630aec75244d7692513e91afe4ece0567da98154905ce6587aed69f

Request headers

Referer: https://fontgenerator.cc/embed
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Content-type: application/json
X-Livewire

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: no-cache, private
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b8byNO9Hl6LOSFqTMbJtQkGzRtYIxx2lmimGFE3KVANb7KZr4IgoFN7RuNes29aiDEYjJmIme6sBs7kxlReU76ucDHpoSIfo7TVISOm7qEXhrPEwcRuQhfpWfXIcEKBAAFmqfAQOhVBPW2scx1Hg"}],"group":"cf-nel","max_age":604800}
cf-ray: 95c7f810f8574d91-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6414&min_rtt=5767&rtt_var=323&sent=103&recv=63&lost=0&retrans=0&sent_bytes=100699&recv_bytes=8505&delivery_rate=7945364&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=99766&unsent_bytes=0&cid=a0113127b3d9a336&ts=1116&inflight_dur=111&x=103"
date: Wed, 09 Jul 2025 12:54:16 GMT
content-type: text/html; charset=UTF-8
server: cloudflare

GET
H3 200 manager.js Show response
app.tinyadz.com/libs/v1.0/ Frame EE1C 7 KB
3 KB 134ms
124ms Script
text/javascript 2606:4700:3033::ac43:cd8d
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://app.tinyadz.com/libs/v1.0/manager.js
Requested by: Host: app.tinyadz.com
URL: https://app.tinyadz.com/scripts/v1.0/ads.js?siteId=68323df081da95ab79451781
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:cd8d -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88d6e605b6b3818e1a94568e003b57d0b725c0e420abefddab00384c84b3bdcc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
content-encoding: gzip
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lYu%2BT889FmCsIr5biiMUnjgyiQksm7072Y3AKFlqFDnfjz5vwqGrz3F4pHQmaj5hrNgF7nvoNoWBBeRRyrmN5ivLyxFbGYb%2BdCRt7rsls3tt7l7949n8gZk7Q7nTamimiaG%2Br6P8FX%2BpS1pv%2FUc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 95c7f8114dfde7b9-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6964&min_rtt=6030&rtt_var=1546&sent=10&recv=10&lost=0&retrans=0&sent_bytes=3642&recv_bytes=3155&delivery_rate=2524010&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=15467&unsent_bytes=0&cid=d1a7c5a9d3d2a22f&ts=125&inflight_dur=55&x=103"
date: Wed, 09 Jul 2025 12:54:16 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
server: cloudflare

POST
H2 200 481.json Show response
id5-sync.com/g/v2/ Frame EE1C 465 B
724 B 13ms
9ms Fetch
application/json 162.19.138.118
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://id5-sync.com/g/v2/481.json

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/9343

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

fcaa3762c060a5d51954912a6c53e6ad9a7822f994ce9af6c1edc4f256c9f046

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://fontgenerator.cc/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://fontgenerator.cc
date: Wed, 09 Jul 2025 12:54:16 GMT
content-type: application/json
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true

GET
H2 200 trustedIframe.html Show response
btloader.com/ Frame 487A 3 KB
1 KB 127ms
126ms Document
text/html 2606:4700:10::6816:4ad8
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://btloader.com/trustedIframe.html?o=5102648370397184&tid=uHsqMCu7-PXFEn5Gi-97ef40468b&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4ad8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cf33c771c479833c95e75e26cc79c123ae88c52ed55ab1f5dfcb3b0bf9807c7

Request headers

Referer: https://fontgenerator.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

cf-cache-status: DYNAMIC
cf-ray: 95c7f8121847d40e-FRA
content-encoding: br
content-type: text/html
date: Wed, 09 Jul 2025 12:54:16 GMT
server: cloudflare
vary: Origin
via: 1.1 google

GET
H2 200 country Show response
api.btloader.com/ Frame EE1C 37 B
153 B 161ms
122ms Fetch
application/json 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://api.btloader.com/country?o=5102648370397184
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 04fcb3b36a8a7bdccb4d6d19f659416dbea46e4599303c362b95cc36b079c1ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
date: Wed, 09 Jul 2025 12:54:16 GMT
content-type: application/json
vary: Origin

GET
H3 200 F.svg
fontgenerator.cc/icons/ Frame EE1C 5 KB
3 KB 21ms
20ms Image
image/svg+xml 2606:4700:3035::6815:142
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://fontgenerator.cc/icons/F.svg

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:142 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d881b69841cd18f3db8831bd5f0e57149fecd4064d156cb1d3f982626903d60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/embed

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "67e1e2bb-1516"
age: 6405
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FpUwZy2T7AzR629%2FYSGzhAKSEVKTz99TXwl1iPrST5EBWJ1oICk0BWfJIY1k7F%2B47ANMjz9zzmREnRwYZxu670p2cOtRC7%2F77FpagDTAkQKpynl3Di5RpxXBNYwdvS%2BuYJ2ZzGswwBjMbvDnvW8Q"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6414&min_rtt=5767&rtt_var=323&sent=100&recv=63&lost=0&retrans=0&sent_bytes=97748&recv_bytes=8505&delivery_rate=7945364&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=99766&unsent_bytes=0&cid=a0113127b3d9a336&ts=1115&inflight_dur=111&x=103"
date: Wed, 09 Jul 2025 12:54:16 GMT
content-type: image/svg+xml
last-modified: Mon, 24 Mar 2025 22:54:51 GMT
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 95c7f81208584d91-FRA
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 204 pv
api.btloader.com/ Frame EE1C 0
0 128ms
118ms Fetch 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://api.btloader.com/pv?nlf=false&tid=uHsqMCu7-PXFEn5Gi-97ef40468b&sid=1pE3ezWlbM-16InAeBXd-97ef40468b&cv=2.1.122-1-g8b9864a&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

via: 1.1 google
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 09 Jul 2025 12:54:16 GMT
vary: Origin

GET
H3 200 embed Show response
fontgenerator.cc/ Frame EE1C 13 KB
6 KB 197ms
196ms Document
text/html 2606:4700:3035::6815:142
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://fontgenerator.cc/embed

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/livewire/livewire.min.js?id=fcf8c2ad

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:142 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57e236abeb62ff33b5d00573839ae546ad4f579cfd14f327cf87472e695279b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fontgenerator.cc/embed
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, must-revalidate, no-cache, no-store, private
cf-cache-status: DYNAMIC
cf-ray: 95c7f81a98764d91-FRA
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Wed, 09 Jul 2025 12:54:18 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j4AMgOdmw7W0ulnuIil8SIfCXAfDqLfcZotHxrzySAYWN%2ByGZHDrcXm8GkS1juk584q%2BsJJeuHuWKV%2FzhQaoBAfe4LA06s9k87ATcQEBLoZIEAPvlM%2BUO8He1QzDRcqTzyDEgHaQngRE6P94X8jg"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=6439&min_rtt=5767&rtt_var=250&sent=113&recv=67&lost=0&retrans=0&sent_bytes=108534&recv_bytes=9062&delivery_rate=7945364&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=110528&unsent_bytes=0&cid=a0113127b3d9a336&ts=2651&inflight_dur=122&x=103"
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 home.html Show response
gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/pages/ Frame 1A64 47 B
233 B 109ms
97ms Document
text/html 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/pages/home.html
Requested by: Host: gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/tabs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 8a346698d1fe701441863c329bf5132a5536faeaa68ccd7751931726ad04b329

Request headers

Referer: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: public, max-age=3600, must-revalidate public, max-age=604800
content-length: 47
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
date: Wed, 09 Jul 2025 12:54:18 GMT
etag: W/"2f-1924f22eefb"
last-modified: Wed, 02 Oct 2024 21:29:02 GMT
via: 1.1 Caddy
x-powered-by: Express

GET
H3

200

/ Show response
gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/home/ Frame 1A64
Redirect Chain

https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/home
https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/home/

976 B
728 B

105ms
98ms

Document
text/html

104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/home/
Requested by: Host: gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/pages/home.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: c0511e29e2d9e3aa83ab107e55b5e3c2ca9c90c04027a2f551fca1d403fd9cd6

Request headers

Referer: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/pages/home.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

cache-control: public, max-age=604800
content-encoding: gzip
content-length: 555
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
date: Wed, 09 Jul 2025 12:54:18 GMT
etag: W/"3d0-196ee8b91bb"
last-modified: Tue, 20 May 2025 16:34:06 GMT
vary: Accept-Encoding
via: 1.1 Caddy
x-powered-by: Express

Redirect headers

content-length: 154
content-security-policy: default-src 'none'
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin
date: Wed, 09 Jul 2025 12:54:18 GMT
location: /home/
via: 1.1 Caddy
x-content-type-options: nosniff
x-powered-by: Express

GET gen_204
pagead2.googlesyndication.com/pagead/ Frame EE1C 0
0

GET
H2 200 css2
fonts.googleapis.com/ Frame EE1C 8 KB
0 10ms
10ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans&family=Ubuntu:wght@500&display=swap

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d8e3783dafaec68331904ad2dcec69ba0e18c55290155020a063afe70938220a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 09 Jul 2025 12:54:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 09 Jul 2025 12:54:15 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 09 Jul 2025 12:54:15 GMT
x-frame-options: SAMEORIGIN
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 mdb.min.css
cdnjs.cloudflare.com/ajax/libs/mdb-ui-kit/7.1.0/ Frame EE1C 368 KB
0 13ms
13ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mdb-ui-kit/7.1.0/mdb.min.css

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1562c1b6966919f59dad5ce26d7ce05a4ecdfc4e6f7f9b8d1d6fa826508794cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "656db89f-8cd9"
age: 496912
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ge%2F27AvmFsxBYcz%2Fy8NOn5vQz3o%2BNzG2XNZXJsEi%2FFA4NsRlG82oaW10Ag0Gu%2BYHwjjlevQTR5eu7UzLPsI90Mi3oabz0WOQmKtt%2BLMQ0Sx9GKzUlAcz9%2FSvBKSZFscA5sHtCbUWyYWh%2FRI8Ly80tZTU"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 29 Jun 2026 12:54:16 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 09 Jul 2025 12:54:16 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 04 Dec 2023 11:31:43 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 95c7f80de9141bcf-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 36057
server: cloudflare

GET
H3 200 style.css
fontgenerator.cc/ Frame EE1C 14 KB
0 14ms
14ms Stylesheet
text/css 2606:4700:3035::6815:142
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://fontgenerator.cc/style.css

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:142 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d35a7ee5aac9714da95d1a4f632cdb97d560a5ecf5e3908a1d229bc8c1057c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/embed

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "68102ad2-3910"
age: 1331
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6WaTO8YlkjP0qwJaM7BM67km%2BOkE7Xy8Pqyh21kYElezqUC6Reu66KQqKh6WoJ4qPCIvhpBdjCfNA%2BBV5YPKoZmLeu%2BlN%2FzGZ9QzMP452ROea%2Ft2rmmYinnCOtmoPUmF4Zne%2F9jxLq%2FJ1Iz%2Bgmen"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6095&min_rtt=5791&rtt_var=561&sent=33&recv=20&lost=0&retrans=0&sent_bytes=25788&recv_bytes=5450&delivery_rate=3074034&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=21426&unsent_bytes=0&cid=a0113127b3d9a336&ts=426&inflight_dur=65&x=103"
date: Wed, 09 Jul 2025 12:54:15 GMT
content-type: text/css
last-modified: Tue, 29 Apr 2025 01:26:42 GMT
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 95c7f80db8454d91-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 toastr.min.css
fontgenerator.cc/ Frame EE1C 7 KB
0 15ms
15ms Stylesheet
text/css 2606:4700:3035::6815:142
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://fontgenerator.cc/toastr.min.css

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:142 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10d159adb573ca535b8275f1d27dc8d60fffd9678ee3b5f1a0f7b4be4a77342f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/embed

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "67e1e2bb-1a55"
age: 6405
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s8yq8NiW0d%2Fc5faVa8p3kH6ezFn2bMH6GNLxWO6gHN58ZlzmqWLeVnNEaE%2F2I98ikSsYd6EeTigYmq2t9pqoG5SVE5EXTyicEpl4Mnl5QWAlRejDVcwE6lPKiAf8ceK6g59lwKGFKjgV4S8IQbWP"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6042&min_rtt=5791&rtt_var=408&sent=46&recv=22&lost=0&retrans=0&sent_bytes=40619&recv_bytes=5536&delivery_rate=3074034&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=26176&unsent_bytes=0&cid=a0113127b3d9a336&ts=429&inflight_dur=68&x=103"
date: Wed, 09 Jul 2025 12:54:15 GMT
content-type: text/css
last-modified: Mon, 24 Mar 2025 22:54:51 GMT
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 95c7f80db8444d91-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 inview.min.js Show response
stpd.cloud/assets/libraries/ Frame EE1C 5 KB
91 B 61ms
22ms Script
application/javascript 2606:4700::6812:1f31
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://stpd.cloud/assets/libraries/inview.min.js

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f31 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"23df7c2f5fe3a534a7299c9c9e923fa9"
age: 1312
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hEaEMJ5UWyUciGz5l%2BACmGeoRzXgqYPWrk0OCXT%2BqqZy4POGrgHdZhe7ZvogMRSzHWZjK%2FDOcN8IeFs7ZegTidvJHM6QrbWZfAJZX6llcJMVEYwTD8zbwNzCvnMQ"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 09 Jul 2025 13:14:18 GMT
date: Wed, 09 Jul 2025 12:54:18 GMT
content-type: application/javascript
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=1200
referrer-policy: strict-origin-when-cross-origin
cf-ray: 95c7f81c3bee7093-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame EE1C 111 KB
0 0ms
0ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0490c9f4319975e560b0407a8b2e3e7fc57504b6a08cec61818fe69858ff41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

content-encoding: br
etag: 664 / 20278 / 31093296 / config-hash: 9723490315508599960
x-content-type-options: nosniff
expires: Wed, 09 Jul 2025 12:54:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 09 Jul 2025 12:54:16 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 35013
x-xss-protection: 0
server: cafe

GET
H2 200 9343 Show response
stpd.cloud/saas/ Frame EE1C 513 KB
0 0ms
0ms Script
text/javascript 2606:4700::6812:1f31
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://stpd.cloud/saas/9343
Requested by: Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed15bbf4c911176993b47242f02fa0a03836b69685068e527c3bd74297fb4588

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cache-control: max-age=300
x-stpd-module-cache: HIT
content-encoding: br
cf-ray: 95c7f80e4fc77093-FRA
access-control-allow-origin: *
date: Wed, 09 Jul 2025 12:54:16 GMT
content-type: text/javascript
vary: Accept-Encoding
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame EE1C 393 KB
0 2ms
2ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1B87SF7ZHT

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

810b7f307183d73fdbe7b5e899cd25137a4f2e16d6e9a02fe22a91f22abdd7bc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

content-encoding: zstd
report-to: {"group":"ascgcycc:1077:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1077:0"}],}
expires: Wed, 09 Jul 2025 12:54:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 09 Jul 2025 12:54:16 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1077:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1077:0
content-length: 136314
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 script.outbound-links.pageview-props.tagged-events.js Show response
stats.senty.com.au/js/ Frame EE1C 3 KB
0 4ms
4ms Script
application/javascript 104.237.132.182
AKAMAI-LINODE-AP ...

General

Check archive.org

Download Go to

Full URL

https://stats.senty.com.au/js/script.outbound-links.pageview-props.tagged-events.js

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.237.132.182 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

104-237-132-182.ip.linodeusercontent.com

Software

nginx /

Resource Hash

4f6d3ce6fee0211ee389d61a9344b2f0ff30dc1f7db4e6fd9f2e9417f800afc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cache-control: public, max-age=86400, must-revalidate
content-encoding: gzip
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff, nosniff
access-control-allow-origin: *
date: Wed, 09 Jul 2025 12:54:16 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: nginx

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ Frame EE1C 87 KB
0 16ms
15ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "603e8adc-15d9d"
age: 18280
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NBPY7KdREXYNiUq5ugytQjO24V%2F44XWV9UmD2ws1pzhH6acgbXpYgKOX0Pe9DbLB2dhUd2iqFNkVv0Tl5TTtOgneOFo6gPcS69RSDNbBi6tJxsWK46OlDXI%2FHnBDKPSFgv7tbBERxypa8BXR8ZaCkOIJ"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 29 Jun 2026 12:54:16 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 09 Jul 2025 12:54:16 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 95c7f80de9181bcf-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27938
server: cloudflare

GET
H3 200 script.js Show response
fontgenerator.cc/js/ Frame EE1C 95 KB
0 18ms
18ms Script
application/javascript 2606:4700:3035::6815:142
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://fontgenerator.cc/js/script.js

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:142 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19492573e99443369d3da235c38f1a430842fce993891f89054f0c7e4e4389e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/embed

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "67e356ca-17ae7"
age: 3117
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sIBFok8xiaIEImGggQcAfgceTRt9PTnSZAAIFn5mOgpdveXeBgSrsP3O3DhbEUJqe%2BhAcbqiPU3p%2FbRS%2F2KLv%2B4JMT4EpxGA2YWSqFHr7fnwpHM9pzU0MRc5uejC4OVrjBukdm2Dh2De9xi8xxvp"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6042&min_rtt=5791&rtt_var=408&sent=46&recv=22&lost=0&retrans=0&sent_bytes=40619&recv_bytes=5536&delivery_rate=3074034&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=26176&unsent_bytes=0&cid=a0113127b3d9a336&ts=431&inflight_dur=68&x=103"
date: Wed, 09 Jul 2025 12:54:15 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 26 Mar 2025 01:22:18 GMT
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 95c7f80db8434d91-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 functions.js Show response
fontgenerator.cc/js/ Frame EE1C 5 KB
0 19ms
19ms Script
application/javascript 2606:4700:3035::6815:142
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://fontgenerator.cc/js/functions.js

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:142 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69d9ac5984ab481e3a40b4b75c330920e56aa12c8d37bfaccc4ab6cedcdda50f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/embed

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "67e34bc9-1275"
age: 3117
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CywbAjJr8jt%2BNSGhT7jUigp3VSVO4ch1%2F%2FLQ82OBbKRxBw0s4V2zZfg1WHaxEzYekvnAqHe2qR1RIb8lq%2FCbTPH2KslKxg6XNT4KjHcMFIZyVs1GR0778cskoNO%2B8qfP6ShQAKn8hgh2w5JY6S%2B%2B"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6095&min_rtt=5791&rtt_var=561&sent=19&recv=20&lost=0&retrans=0&sent_bytes=9693&recv_bytes=5450&delivery_rate=3074034&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=21426&unsent_bytes=0&cid=a0113127b3d9a336&ts=421&inflight_dur=61&x=103"
date: Wed, 09 Jul 2025 12:54:15 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 26 Mar 2025 00:35:21 GMT
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 95c7f80db8464d91-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 mdb.umd.min.js Show response
cdnjs.cloudflare.com/ajax/libs/mdb-ui-kit/7.1.0/ Frame EE1C 123 KB
0 21ms
21ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mdb-ui-kit/7.1.0/mdb.umd.min.js

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea7fb526203a7e6eed35cc2fcdc98c76cb136dba25b23fae9e5fab3588877596

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "656db89f-7ae6"
age: 29707
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rz1Fc4kjoFmZ6RZEA%2BvhEPkaBvsG9qwvWaY3ZtWRk5TkECMxfNV1MB%2FbFAaYVo%2Fkc5a8MHf4eI0U2nonAzxpWGaSmPdXyNG1wHsGKYKADI5YGgkfGiQYuMp31QU%2F6IbeNg8ySN0gt%2BhToenxDaZoi7Fi"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 29 Jun 2026 12:54:16 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 09 Jul 2025 12:54:16 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 Dec 2023 11:31:43 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 95c7f80de91a1bcf-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 31462
server: cloudflare

GET
H3 200 toastr.min.js Show response
fontgenerator.cc/js/ Frame EE1C 5 KB
0 24ms
24ms Script
application/javascript 2606:4700:3035::6815:142
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://fontgenerator.cc/js/toastr.min.js

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:142 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddb96c25de07962ffbc0243e6e68177ce74aee9fd950cb4f5d8d3c8e6c524a09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/embed

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "67e1e2bb-15a1"
age: 6119
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WnzGz49N8Vdri5ncdIr6UtnBbU%2B2Cu%2Br0ktd3cun7TVTIUxqg518V3JAvy9tLiju712o189Xlo5dXZDEKh%2BeXFtMcPT0sgQP8Y3reD9%2Brb0t7dFs4NqDFvwyKJCGB9yERDiaSFdYbkWBlTWecsEz"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6095&min_rtt=5791&rtt_var=561&sent=21&recv=20&lost=0&retrans=0&sent_bytes=12043&recv_bytes=5450&delivery_rate=3074034&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=21426&unsent_bytes=0&cid=a0113127b3d9a336&ts=422&inflight_dur=61&x=103"
date: Wed, 09 Jul 2025 12:54:15 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 24 Mar 2025 22:54:51 GMT
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 95c7f80db8474d91-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3

200

ads.js Show response
app.tinyadz.com/scripts/v1.0/ Frame EE1C
Redirect Chain

https://app.tinyadz.com/scripts/ads.js?siteId=68323df081da95ab79451781
https://app.tinyadz.com/scripts/v1.0/ads.js?siteId=68323df081da95ab79451781

7 KB
0

6ms
6ms

Script
text/javascript

2606:4700:3033::ac43:cd8d
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://app.tinyadz.com/scripts/v1.0/ads.js?siteId=68323df081da95ab79451781
Requested by: Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed
Protocol: H3
Server: 2606:4700:3033::ac43:cd8d -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8538b1993b3e409b97eb358a67ea08e9b2bb9b3f645a182a38badefce054530b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
content-encoding: gzip
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gt0igxXy96YjRpN8bcy32UII2jM1jfiZ4n45JyiGf81SrCq6sgrWDnMTR2%2BjaHDHwZSMXMl1d9RLJEXH6KQqxRlRStyFbgCDeylnjoxNOPXKiqSv4CIhm7Ul9zXTj3XWuVYauitcOb6BkPWcMS4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 95c7f80e59dbd2bb-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6689&min_rtt=5830&rtt_var=1755&sent=14&recv=14&lost=0&retrans=0&sent_bytes=4501&recv_bytes=3665&delivery_rate=1082389&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=16227&unsent_bytes=0&cid=9acc700d4444f87a&ts=260&inflight_dur=53&x=103"
date: Wed, 09 Jul 2025 12:54:16 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
server: cloudflare
last-modified: Wed, 09 Jul 2025 12:54:16 GMT

Redirect headers

cache-control: max-age=14400
location: /scripts/v1.0/ads.js?siteId=68323df081da95ab79451781
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GutnwOdENzBJ%2BZt%2Fp86GOMmuioHa1EHtvMv101yNX%2BRnvcmVx6dQwTvLHDouy2mponq7YpMNNZn70JPGYUWn0C80XIXh4VEWMFT6VmKUCnldiqm1fAbaY6WvCKJKq1%2FsvsVd6DFijiH1Jd7GoSg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 95c7f80df9dad2bb-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 9
server-timing: cfL4;desc="?proto=QUIC&rtt=6788&min_rtt=5830&rtt_var=2076&sent=11&recv=11&lost=0&retrans=0&sent_bytes=3691&recv_bytes=3240&delivery_rate=1082389&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=15463&unsent_bytes=0&cid=9acc700d4444f87a&ts=70&inflight_dur=22&x=103"
date: Wed, 09 Jul 2025 12:54:16 GMT
content-type: application/json; charset=utf-8
vary: Origin, Accept-Encoding
server: cloudflare

GET
H3 200 livewire.min.js Show response
fontgenerator.cc/livewire/ Frame EE1C 144 KB
0 25ms
25ms Script
application/javascript 2606:4700:3035::6815:142
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://fontgenerator.cc/livewire/livewire.min.js?id=fcf8c2ad

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:142 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf9cdad83deb13c8f283b10b732e4fd4f4908c0f2d8ac7fc2ed4685356e24c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/embed

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 6821
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8i6%2B0i0YG9hMuEi9OvR2Ze8b12%2F%2FsRfcr4luarJb%2Fo2IQtNMDKt%2FJ7tpQ0BfvQDeLUttfCVlt%2B%2Fb3%2FUuobV%2BOfrocOOuyr%2Fhl%2Bp%2FLGs6He0ZirJWG02HNgxAs7IvvmdzKehqE4LjsPKhW7U8W8HJ"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 09 Jul 2026 11:00:34 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6095&min_rtt=5791&rtt_var=561&sent=24&recv=20&lost=0&retrans=0&sent_bytes=14988&recv_bytes=5450&delivery_rate=3074034&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=21426&unsent_bytes=0&cid=a0113127b3d9a336&ts=425&inflight_dur=62&x=103"
date: Wed, 09 Jul 2025 12:54:15 GMT
last-modified: Wed, 12 Mar 2025 20:24:15 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 95c7f80db8484d91-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 fontgenerator.js Show response
cdn4.buysellads.net/pub/ Frame EE1C 701 KB
0 5ms
5ms Script
application/javascript 159.65.211.77
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to

Full URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1752065400000
Requested by: Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.65.211.77 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: srv-lon1-2 /
Resource Hash: 625e266d5e517f15a1973b9d7f06ccdba9a8726e46a17801d4424b3efce98cd6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cache-control: public, max-age=3600, stale-while-revalidate
content-encoding: br
etag: f0d2bd2b580ecf448139422ad7f42487561c01e1
date: Wed, 09 Jul 2025 12:54:16 GMT
content-type: application/javascript
vary: Accept-Encoding
server: srv-lon1-2

GET
H3 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v43/ Frame EE1C 18 KB
0 4ms
4ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v43/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans&family=Ubuntu:wght@500&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11c09bfb0a6a92e9cbd914a5f86731118b052d2fdef2a6a0eac31b1780d3d97b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin: https://fontgenerator.cc
Referer: https://fonts.googleapis.com/

Response headers

age: 104377
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 08 Jul 2026 07:54:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Jul 2025 07:54:39 GMT
last-modified: Wed, 28 May 2025 17:51:55 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18652
x-xss-protection: 0
server: sffe

GET
H3 200 F.svg
fontgenerator.cc/icons/ Frame EE1C 5 KB
0 13ms
13ms Image
image/svg+xml 2606:4700:3035::6815:142
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://fontgenerator.cc/icons/F.svg

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:142 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d881b69841cd18f3db8831bd5f0e57149fecd4064d156cb1d3f982626903d60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/embed

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "67e1e2bb-1516"
age: 6405
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FpUwZy2T7AzR629%2FYSGzhAKSEVKTz99TXwl1iPrST5EBWJ1oICk0BWfJIY1k7F%2B47ANMjz9zzmREnRwYZxu670p2cOtRC7%2F77FpagDTAkQKpynl3Di5RpxXBNYwdvS%2BuYJ2ZzGswwBjMbvDnvW8Q"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6414&min_rtt=5767&rtt_var=323&sent=100&recv=63&lost=0&retrans=0&sent_bytes=97748&recv_bytes=8505&delivery_rate=7945364&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=99766&unsent_bytes=0&cid=a0113127b3d9a336&ts=1115&inflight_dur=111&x=103"
date: Wed, 09 Jul 2025 12:54:16 GMT
content-type: image/svg+xml
last-modified: Mon, 24 Mar 2025 22:54:51 GMT
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 95c7f81208584d91-FRA
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 202 event Show response
stats.senty.com.au/api/ Frame EE1C 2 B
219 B 160ms
135ms XHR
text/plain 104.237.132.182
AKAMAI-LINODE-AP ...

General

Check archive.org

Download Go to

Full URL: https://stats.senty.com.au/api/event
Requested by: Host: stats.senty.com.au
URL: https://stats.senty.com.au/js/script.outbound-links.pageview-props.tagged-events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.237.132.182 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 104-237-132-182.ip.linodeusercontent.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://fontgenerator.cc/

Response headers

x-request-id: GFCWbvkiqnoGRdMMsrHR
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 2
date: Wed, 09 Jul 2025 12:54:18 GMT
content-type: text/plain; charset=utf-8
server: nginx

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202507020101/ Frame EE1C 539 KB
0 9ms
9ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202507020101/pubads_impl.js?cb=31093296

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42553b60ce895fb08ea2c7f136ff2376d371ab27a8c4ae9d427de7b3c9472c21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

content-encoding: br
etag: 4183756661405923630
age: 17078
x-content-type-options: nosniff
expires: Thu, 09 Jul 2026 08:09:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 09 Jul 2025 08:09:38 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 173764
x-xss-protection: 0
server: cafe

GET
H3 200 GetSiteAdConfigAPI Show response
app.tinyadz.com/api/ Frame EE1C 96 B
748 B 78ms
74ms Fetch
application/json 2606:4700:3033::ac43:cd8d
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://app.tinyadz.com/api/GetSiteAdConfigAPI?siteId=68323df081da95ab79451781&pageUrl=https%3A%2F%2Ffontgenerator.cc%2Fembed&refererUrl=https%3A%2F%2Ffontgenerator.cc%2Fembed&width=300&height=120
Requested by: Host: app.tinyadz.com
URL: https://app.tinyadz.com/scripts/v1.0/ads.js?siteId=68323df081da95ab79451781
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:cd8d -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abf9bfd998405a38e5f5f61e533e4de1298162efc4409b1f161ea04e5901c366

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=0
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SMEHXzFPH8oOmlkx92waIP%2Ft6%2BbH2yIkVh36mJfE6Zx%2Ftia6edlsIOHeyHJiuzNAQTQ8LnrNe7iZH5owpoRksbyT6BypX3LkUkM5plypgIluAhyG%2BqGS%2BVlRv2KYhoJZv3CExuvBg84hCejEsTE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 95c7f81cba58d2bb-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6514&min_rtt=5701&rtt_var=964&sent=21&recv=19&lost=0&retrans=0&sent_bytes=8832&recv_bytes=4694&delivery_rate=1082389&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=20512&unsent_bytes=0&cid=9acc700d4444f87a&ts=2443&inflight_dur=92&x=103"
date: Wed, 09 Jul 2025 12:54:18 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Origin
server: cloudflare

POST
H3 419 update Show response
fontgenerator.cc/livewire/ Frame EE1C 6 KB
7 KB 246ms
237ms Fetch
text/html 2606:4700:3035::6815:142
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://fontgenerator.cc/livewire/update
Requested by: Host: fontgenerator.cc
URL: https://fontgenerator.cc/livewire/livewire.min.js?id=fcf8c2ad
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:142 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 215f7f231630aec75244d7692513e91afe4ece0567da98154905ce6587aed69f

Request headers

Referer: https://fontgenerator.cc/embed
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Content-type: application/json
X-Livewire

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: no-cache, private
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U5ZF3LMtVMbuOdaE%2F31dT8vGuHcqwq%2BzH%2FASZoxu9F6SUiu%2FJ7C5F9Ki2lFxWOOYJWOSPpjxVeBLrTH9lPn0H38RnJxg6cfMe4y5keYj5vrPOCufkR1cakwHiiOeF0g9H9DVkjdU9Dh6dWq%2FG6jG"}],"group":"cf-nel","max_age":604800}
cf-ray: 95c7f81cc8804d91-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6432&min_rtt=5767&rtt_var=201&sent=122&recv=70&lost=0&retrans=0&sent_bytes=114521&recv_bytes=9998&delivery_rate=7945364&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=116467&unsent_bytes=0&cid=a0113127b3d9a336&ts=3002&inflight_dur=137&x=103"
date: Wed, 09 Jul 2025 12:54:18 GMT
content-type: text/html; charset=UTF-8
server: cloudflare

GET
H3 200 gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202507080101/ Frame EE1C 64 KB
0 7ms
7ms Other
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/dict/m202507080101/gpt

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26170f6e512b65921c72efdda4caa9e0a3a362a49625e5ca5e92a2efe74e7cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 8335879915435882070
age: 78777
x-content-type-options: nosniff
expires: Tue, 15 Jul 2025 15:01:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 08 Jul 2025 15:01:19 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=604800, stale-while-revalidate=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 23329
x-xss-protection: 0
server: cafe
use-as-dictionary: match="/gampad/ads", id="m202507080101"

GET
H2 200 tag Show response
btloader.com/ Frame EE1C 86 KB
0 2ms
2ms Script
application/javascript 2606:4700:10::6816:4ad8
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1752065400000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4ad8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9a3430e17d6238991948c22e59a4119ac308daa84be92fec24814748bd51461

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

x-robots-tag: noindex, nofollow
cache-control: public, max-age=300, stale-if-error=3600, stale-while-revalidate=300
content-encoding: gzip
cf-cache-status: HIT
etag: "6f7d1031bbe7dea1ba688652bcb14ae0"
via: 1.1 google
cf-ray: 95c7f8108cedd40e-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27996
date: Wed, 09 Jul 2025 12:54:16 GMT
content-type: application/javascript
last-modified: Wed, 09 Jul 2025 12:28:12 GMT
server: cloudflare
vary: Accept-Encoding

GET
H3 200 home.css
gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/css/ Frame 1A64 1 KB
763 B 112ms
109ms Stylesheet
text/css 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/css/home.css
Requested by: Host: gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/home/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: bfbf77facc0b33343150d420aa0f7e582e1657070c51895cdec89299922d96cc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/home/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
cross-origin-opener-policy: same-origin
content-encoding: gzip
etag: W/"4d2-19630f6deef"
via: 1.1 Caddy
content-length: 540
date: Wed, 09 Jul 2025 12:54:18 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
x-powered-by: Express
last-modified: Sun, 13 Apr 2025 21:03:27 GMT

GET
H2 200 themes.css
gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/css/ Frame 1A64 3 KB
0 2ms
2ms Stylesheet
text/css 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/css/themes.css
Requested by: Host: gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/home/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 92335a8a579ab20778ad116b2e403ac436989b7c6b760bd9e906d451483ddb24

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/home/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"b00-196c0828a31"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 734
date: Wed, 09 Jul 2025 12:54:15 GMT
content-type: text/css; charset=utf-8
last-modified: Sun, 11 May 2025 18:01:42 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 css2
fonts.googleapis.com/ Frame 1A64 2 KB
619 B 29ms
21ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@400;600&display=swap

Requested by

Host: gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/home/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f9d8e58b6cdcdf7831511b8a69c82bc6b71c335ade7b7efa21b634e08cf9789d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 09 Jul 2025 12:54:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 09 Jul 2025 12:54:18 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 09 Jul 2025 12:22:41 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 ana.js Show response
gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/ Frame 1A64 389 KB
0 3ms
3ms Script
application/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL

https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/ana.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

52da9eea4523d4894f5218c4e492e11eac94d625c10e7ab2136473e26c396493

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/home/

Response headers

content-encoding: zstd
report-to: {"group":"ascgcycc:1077:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1077:0"}],}
expires: Wed, 09 Jul 2025 12:54:15 GMT
date: Wed, 09 Jul 2025 12:54:15 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1077:0
via: 2.0 Caddy
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1077:0
content-length: 135913
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 themes.js Show response
gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/ Frame 1A64 4 KB
0 5ms
5ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/themes.js
Requested by: Host: gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/home/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: e3715d1fe227e6550c249faf6362adb08c08898bc88db2192ea12b39b8be0974

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
Referer: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/home/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"116e-19630f6df0b"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 1343
date: Wed, 09 Jul 2025 12:54:15 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H3 200 plain_logo.webp
gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/imgs/icons/ Frame 1A64 11 KB
12 KB 111ms
110ms Image
image/webp 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to Show image

Full URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/imgs/icons/plain_logo.webp
Requested by: Host: gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/home/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 042a1652e0b3d20d268a194befaea0c5841026a91a14214abac003d605e0ed65

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/home/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
cross-origin-opener-policy: same-origin
etag: W/"2d9c-19630f6dee7"
via: 1.1 Caddy
accept-ranges: bytes
content-length: 11676
date: Wed, 09 Jul 2025 12:54:18 GMT
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
content-type: image/webp
x-powered-by: Express

OPTIONS json
gum.criteo.com/sid/ Frame 0
0

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame EE1C 2 KB
0 2ms
2ms Fetch
application/json 2a04:4e42:400::485
FASTLY

General

Check archive.org

Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20250709

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/9343

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

36de703e2f5911ab433271a452e95a337f38d2007d0a001fa2ca561e78d351df

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"636-33McN8n6IlI+IkpnhIMoHaq04AM"
age: 31996
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Wed, 09 Jul 2025 12:54:16 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230103-FRA, cache-gru-sbgr1930069-GRU
vary: Accept-Encoding
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 806
x-jsd-version: 1.0.2476

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ Frame EE1C 49 B
0 3ms
3ms Fetch
application/json 35.244.193.51
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0010b00002bTS1QAAW&gdpr=0&src=pbjs&ver=9.27.0&coppa=0
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/9343
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 51.193.244.35.bc.googleusercontent.com
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://fontgenerator.cc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49
date: Wed, 09 Jul 2025 12:54:16 GMT
content-type: application/json
vary: origin

GET
H2 200 id Show response
id.crwdcntrl.net/ Frame EE1C 43 B
319 B 55ms
46ms Fetch
application/json 54.194.198.116
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://id.crwdcntrl.net/id?c=18013

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/9343

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.194.198.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-198-116.eu-west-1.compute.amazonaws.com

Software

Resource Hash

a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
cache-control: no-cache
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://fontgenerator.cc
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length: 43
date: Wed, 09 Jul 2025 12:54:18 GMT
content-type: application/json;charset=utf-8

GET
H2 200 pbhid Show response
id.hadron.ad.gt/api/v1/ Frame EE1C 2 B
0 3ms
3ms Fetch
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/pbhid?partner_id=533&_it=prebid&t=1&src=id&domain=fontgenerator.cc
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/9343
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

cache-control: max-age=604800
content-encoding: br
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
cf-ray: 95c7f8103ac9d2bf-FRA
access-control-allow-origin: *
date: Wed, 09 Jul 2025 12:54:16 GMT
content-type: application/json; charset=utf8
server: cloudflare
access-control-allow-headers: authorization,content-type

GET json
gum.criteo.com/sid/ Frame EE1C 0
0

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/a/latest/ Frame EE1C 61 KB
922 B 43ms
39ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://script.4dex.io/a/latest/adagio.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/9343
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9de56ba22416192d18869051fdaa33876a9b6b3c7ed326abc7c8cc8503027797

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

Cache-Control: public, max-age=1800
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Encoding: br
CF-Cache-Status: HIT
ETag: W/"4ebf7042f3ba84fbe39534d4fa8c5c86"
Age: 1761293
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uLMUcHOyQY7Ls6Nm34YqBdNWJ3AZfi3e3e3%2BIMkLoIhjIZ61bAd4YH7KGG4F7lAkaEOc34zBVQfOhrPH7igQOZSq5i9D54iUBJ2s9DWfM%2FCNWeUxmv%2BrwCQyjNzjKHktTLZtJm8d%2BSBsBUZ%2B"}],"group":"cf-nel","max_age":604800}
CF-RAY: 95c7f81dbe6f9a30-FRA
Expires: Mon, 24 Mar 2025 20:37:34 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=7400&min_rtt=5910&rtt_var=2420&sent=34&recv=12&lost=0&retrans=0&sent_bytes=24118&recv_bytes=2863&delivery_rate=3577448&cwnd=252&unsent_bytes=0&cid=9e06c5846b862214&ts=2191&x=0"
Date: Wed, 09 Jul 2025 12:54:18 GMT
Last-Modified: Mon, 24 Mar 2025 20:04:09 GMT
Vary: Accept-Encoding
Server: cloudflare
Content-Type: application/javascript

GET
H2 200 CEADK5QI.json Show response
srv.buysellads.com/ads/ Frame EE1C 0
40 B 32ms
31ms Fetch
application/json 159.65.211.77
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to

Full URL: https://srv.buysellads.com/ads/CEADK5QI.json?forcebanner=593362&ignoretargeting=yes
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1752065400000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.65.211.77 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: srv-lon1-2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

access-control-allow-origin: *
content-length: 0
date: Wed, 09 Jul 2025 12:54:18 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: srv-lon1-2
access-control-allow-headers: *

GET
H2 200 dns Show response
ag.dns-finder.com/meta/ Frame EE1C 2 B
0 7ms
7ms Fetch
text/plain 34.36.200.111
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://ag.dns-finder.com/meta/dns
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.36.200.111 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 111.200.36.34.bc.googleusercontent.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cache-control: private, max-age=180, stale-if-error=180, stale-while-revalidate=180
access-control-expose-headers: X-Resolver
x-resolver: default
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
date: Wed, 09 Jul 2025 12:54:16 GMT
content-type: text/plain; charset=utf-8
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ Frame EE1C 43 B
98 B 43ms
14ms Image
image/gif 2606:4700:10::ac43:b78
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:b78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

x-goog-metageneration: 5
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status: HIT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
age: 111709
x-goog-stored-content-encoding: identity
expires: Thu, 10 Jul 2025 12:54:18 GMT
x-goog-stored-content-length: 43
date: Wed, 09 Jul 2025 12:54:18 GMT
last-modified: Wed, 05 May 2021 19:25:32 GMT
vary: accept-encoding
content-type: image/gif
x-guploader-uploadid: ABgVH88YH1fcJ0zZcIzVKd1cCKgrvWiAw5d8VrInCHf82pqwFabRMdchlv7A0JuBNNgN-R4Wc2N1d8o
cache-control: public, max-age=86400
x-goog-storage-class: MULTI_REGIONAL
cf-ray: 95c7f81e1fc2d2bf-FRA
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1620242732037093
content-length: 43
server: cloudflare

GET
H3 200 favicon.ico
ad.doubleclick.net/ Frame EE1C 1 KB
0 9ms
9ms Image
image/x-icon 142.250.184.230
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

content-encoding: gzip
age: 67073
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Wed, 09 Jul 2025 18:16:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Jul 2025 18:16:23 GMT
last-modified: Tue, 08 May 2012 13:08:06 GMT
content-type: image/x-icon
vary: Accept-Encoding
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 104
x-xss-protection: 0
server: sffe

GET
H2 200 px.gif
ad-delivery.net/ Frame EE1C 43 B
111 B 35ms
6ms Image
image/gif 2606:4700:10::ac43:b78
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.5905285282290677
Requested by: Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:b78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

x-goog-metageneration: 5
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status: HIT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
age: 111709
x-goog-stored-content-encoding: identity
expires: Thu, 10 Jul 2025 12:54:18 GMT
x-goog-stored-content-length: 43
date: Wed, 09 Jul 2025 12:54:18 GMT
content-type: image/gif
vary: accept-encoding
last-modified: Wed, 05 May 2021 19:25:32 GMT
x-guploader-uploadid: ABgVH88YH1fcJ0zZcIzVKd1cCKgrvWiAw5d8VrInCHf82pqwFabRMdchlv7A0JuBNNgN-R4Wc2N1d8o
cache-control: public, max-age=86400
x-goog-storage-class: MULTI_REGIONAL
cf-ray: 95c7f81e1fbed2bf-FRA
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1620242732037093
content-length: 43
server: cloudflare

GET
H3 200 manager.js Show response
app.tinyadz.com/libs/v1.0/ Frame EE1C 7 KB
0 18ms
18ms Script
text/javascript 2606:4700:3033::ac43:cd8d
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://app.tinyadz.com/libs/v1.0/manager.js
Requested by: Host: app.tinyadz.com
URL: https://app.tinyadz.com/scripts/v1.0/ads.js?siteId=68323df081da95ab79451781
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:cd8d -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88d6e605b6b3818e1a94568e003b57d0b725c0e420abefddab00384c84b3bdcc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
content-encoding: gzip
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lYu%2BT889FmCsIr5biiMUnjgyiQksm7072Y3AKFlqFDnfjz5vwqGrz3F4pHQmaj5hrNgF7nvoNoWBBeRRyrmN5ivLyxFbGYb%2BdCRt7rsls3tt7l7949n8gZk7Q7nTamimiaG%2Br6P8FX%2BpS1pv%2FUc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 95c7f8114dfde7b9-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6964&min_rtt=6030&rtt_var=1546&sent=10&recv=10&lost=0&retrans=0&sent_bytes=3642&recv_bytes=3155&delivery_rate=2524010&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=15467&unsent_bytes=0&cid=d1a7c5a9d3d2a22f&ts=125&inflight_dur=55&x=103"
date: Wed, 09 Jul 2025 12:54:16 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
server: cloudflare

GET
H2 200 trustedIframe.html
btloader.com/ Frame 1BC8 0
0 126ms
125ms Document
text/html 2606:4700:10::6816:4ad8
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://btloader.com/trustedIframe.html?o=5102648370397184&tid=zmv8P7SQaA-fdISniskB-97ef404eb1&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4ad8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://fontgenerator.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

cf-cache-status: DYNAMIC
cf-ray: 95c7f81e8977d40e-FRA
content-encoding: br
content-type: text/html
date: Wed, 09 Jul 2025 12:54:18 GMT
server: cloudflare
vary: Origin
via: 1.1 google

GET
H3 200 blue.jpg
gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/imgs/backgrounds/home/ Frame 1A64 184 KB
185 KB 102ms
95ms Image
image/jpeg 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to Show image

Full URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/imgs/backgrounds/home/blue.jpg
Requested by: Host: gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/css/home.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 5eff7005425c542db2290b5ccdf4e0a65c4219273a665ce0425264274e536ea6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/css/home.css

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
cross-origin-opener-policy: same-origin
etag: W/"2e144-19630f6dedf"
via: 1.1 Caddy
accept-ranges: bytes
content-length: 188740
date: Wed, 09 Jul 2025 12:54:18 GMT
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
x-powered-by: Express
content-type: image/jpeg

POST
H2 204 collect
www.google-analytics.com/g/ Frame 1A64 0
0 33ms
8ms Fetch
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-NCTSG4T1B6&gtm=45je5771v9138172222za204&_p=1752065658641&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104630776~104630778~104684208~104684211~104718208~104839054~104839056~104885889~104885891~104909302~104909304&cid=1129975605.1752065656&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=1&pscdl=noapi&_eu=AAAAAAQ&_s=1&sid=1752065655&sct=1&seg=1&dl=https%3A%2F%2Fgofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org%2Fhome%2F&dr=https%3A%2F%2Fgofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org%2Fpages%2Fhome.html&dt=Home&en=page_view&_ee=1&tfd=465
Requested by: Host: gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/ana.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:102:0
report-to: {"group":"ascnsrsggc:102:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:102:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:102:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 09 Jul 2025 12:54:18 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 pv
api.btloader.com/ Frame EE1C 0
0 151ms
123ms Fetch 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://api.btloader.com/pv?nlf=false&tid=zmv8P7SQaA-fdISniskB-97ef404eb1&sid=1pE3ezWlbM-16InAeBXd-97ef40468b&cv=2.1.122-1-g8b9864a&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

via: 1.1 google
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 09 Jul 2025 12:54:18 GMT
vary: Origin

GET settings_manager.js
gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/ Frame 1A64 0
0

GET embed
fontgenerator.cc/ Frame EE1C 0
0

GET pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v23/ Frame 1A64 0
0

GET pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v23/ Frame 1A64 0
0

GET eruda
cdn.jsdelivr.net/npm/ 0
0

GET home.png
gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/imgs/icons/pages/ 0
0

GET
H3 200 favicon.ico
gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/ 15 KB
3 KB 94ms
93ms Other
image/vnd.microsoft.icon 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 17121520efdb21823ea10bdc2115a34f772f78c0bea04cfdff41d615c520616e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cache-control: public, max-age=604800
cross-origin-opener-policy: same-origin
content-encoding: gzip
etag: W/"3c2e-191c2e4c57b"
via: 1.1 Caddy
content-length: 2990
date: Wed, 09 Jul 2025 12:54:20 GMT
last-modified: Thu, 05 Sep 2024 15:54:18 GMT
x-powered-by: Express
vary: Accept-Encoding
content-type: image/vnd.microsoft.icon

GET
H3 200 home.png
gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/imgs/icons/pages/ 13 KB
13 KB 92ms
92ms Image
image/png 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to Show image

Full URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/imgs/icons/pages/home.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 33c90221403fec4c268cf866ea954a740331d68ef1255c628a386093225ee109

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
cross-origin-opener-policy: same-origin
etag: W/"32de-19630f6df13"
via: 1.1 Caddy
accept-ranges: bytes
content-length: 13022
date: Wed, 09 Jul 2025 12:54:20 GMT
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
x-powered-by: Express
content-type: image/png

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 16ms
15ms Fetch
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-NCTSG4T1B6&gtm=45je5771v9138172222za204&_p=1752065655180&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104630776~104630778~104684208~104684211~104718208~104839054~104839056~104885889~104885891~104909302~104909304&cid=1129975605.1752065656&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEAAAAQ&_s=2&sid=1752065655&sct=1&seg=0&dl=https%3A%2F%2Fgofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org%2F&dt=Shadow&en=scroll&epn.percent_scrolled=90&_et=5&tfd=6232
Requested by: Host: gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/ana.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:102:0
report-to: {"group":"ascnsrsggc:102:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:102:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:102:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 09 Jul 2025 12:54:20 GMT
content-type: text/plain
server: Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/baremux/worker.js

Domain: gum.criteo.com
URL: https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org%2F&domain=fontgenerator.cc&cw=1&lsw=1

Domain: gum.criteo.com
URL: https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org%2F&domain=fontgenerator.cc&cw=1&lsw=1

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/gen_204?id=plmetrics&cls=0.005&mls=0.003&nls=2&cas=0.000&nas=0&was=0.000&wls=0.003&tls=678.900&lcp=1148&lcps=1044&cbt=1314&mbt=1273&nlt=3&nif=0&ifi=0&eid=31092991%2C95353384%2C95365038%2C31093022%2C31093296%2C83321073%2C95340253%2C95340255&top=0&pvsid=3152736616341883&gpt=1

Domain: gum.criteo.com
URL: https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffontgenerator.cc%2F&domain=fontgenerator.cc&cw=1&lsw=1

Domain: gum.criteo.com
URL: https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffontgenerator.cc%2F&domain=fontgenerator.cc&cw=1&lsw=1

Domain: gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/settings_manager.js

Domain: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/poppins/v23/pxiEyp8kv8JHgFVrJJfecg.woff2

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/poppins/v23/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Domain: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/eruda

Domain: gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/imgs/icons/pages/home.png

Verdicts & Comments Add Verdict or Comment

42 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.proxy-creator-shadow-browser-1.duckdns.org/	1970-01-21 16:17:05	Name: _ga Value: GA1.1.1129975605.1752065656
.id5-sync.com/	1970-01-21 08:50:41	Name: id5 Value: 41f15cfc-5fcf-7071-b401-a16b1346fd40#1752065656357#1
.proxy-creator-shadow-browser-1.duckdns.org/	1970-01-21 16:17:05	Name: _ga_NCTSG4T1B6 Value: GS2.1.s1752065655$o1$g1$t1752065658$j57$l0$h0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bnalk&size=24 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://fontgenerator.cc/livewire/update Message: Failed to load resource: the server responded with a status of 419 ()
network	error	URL: https://fontgenerator.cc/livewire/update Message: Failed to load resource: the server responded with a status of 419 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acscdn.com
ad-delivery.net
ad.doubleclick.net
ag.dns-finder.com
api.btloader.com
app.tinyadz.com
btloader.com
cdn.jsdelivr.net
cdn4.buysellads.net
cdnjs.cloudflare.com
fontgenerator.cc
fonts.googleapis.com
fonts.gstatic.com
gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
gum.criteo.com
id.crwdcntrl.net
id.hadron.ad.gt
id5-sync.com
lb.eu-1-id5-sync.com
lexicon.33across.com
pagead2.googlesyndication.com
partner.senty.com.au
script.4dex.io
securepubads.g.doubleclick.net
srv.buysellads.com
stats.senty.com.au
stpd.cloud
t1.gstatic.com
usrpubtrk.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
youradexchange.com
cdn.jsdelivr.net
fontgenerator.cc
fonts.gstatic.com
gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
gum.criteo.com
pagead2.googlesyndication.com
104.237.132.182
104.243.38.18
130.211.23.194
142.250.184.230
159.65.211.77
162.19.138.118
2606:4700:10::6816:4ad8
2606:4700:10::ac43:17ea
2606:4700:10::ac43:b78
2606:4700:20::681a:8a9
2606:4700:3033::6815:5c21
2606:4700:3033::ac43:cd8d
2606:4700:3035::6815:142
2606:4700::6811:190e
2606:4700::6812:10c9
2606:4700::6812:1862
2606:4700::6812:1f31
2a00:1450:4001:810::2008
2a00:1450:4001:810::200e
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2002
2a04:4e42:400::485
2a06:98c1:3121::3
34.36.200.111
35.244.193.51
54.194.198.116
57.129.85.132
026d0d5e5368e24d1b1f8ffac708b90a6141a0afa791a5a2eec54fb5dd5eec16
042a1652e0b3d20d268a194befaea0c5841026a91a14214abac003d605e0ed65
04fcb3b36a8a7bdccb4d6d19f659416dbea46e4599303c362b95cc36b079c1ce
0b11eecfa382b1f2092d94e727a0145c9f6c2866e04419eef89e9bc381c7a787
10d159adb573ca535b8275f1d27dc8d60fffd9678ee3b5f1a0f7b4be4a77342f
11c09bfb0a6a92e9cbd914a5f86731118b052d2fdef2a6a0eac31b1780d3d97b
1562c1b6966919f59dad5ce26d7ce05a4ecdfc4e6f7f9b8d1d6fa826508794cc
17121520efdb21823ea10bdc2115a34f772f78c0bea04cfdff41d615c520616e
19492573e99443369d3da235c38f1a430842fce993891f89054f0c7e4e4389e7
215f7f231630aec75244d7692513e91afe4ece0567da98154905ce6587aed69f
217bef43e1ece84e8dc9eb6f2e6629b6d24d8738c663f47f33edc697b9a097a5
24c817c4fef658a57754e07c2c89b185e9de3a2bc4261d7e863b345f27df82c4
26170f6e512b65921c72efdda4caa9e0a3a362a49625e5ca5e92a2efe74e7cda
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
33c90221403fec4c268cf866ea954a740331d68ef1255c628a386093225ee109
36de703e2f5911ab433271a452e95a337f38d2007d0a001fa2ca561e78d351df
40847f04a0b4dbacd513872a0472555bf0dd89cfcd4c7d905a0166469f80b438
41e9e0b7ccf8d3af68bcbb38488e18d48198ee131b2df9ff128e4e6e911099c6
42553b60ce895fb08ea2c7f136ff2376d371ab27a8c4ae9d427de7b3c9472c21
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4cf33c771c479833c95e75e26cc79c123ae88c52ed55ab1f5dfcb3b0bf9807c7
4e3e6b20f1eae4923f24bf1e3dab2dde56b255c331cdc17b9507e790a48cc36b
4f6d3ce6fee0211ee389d61a9344b2f0ff30dc1f7db4e6fd9f2e9417f800afc6
50df99b68aea2b99ad8a117f6d3ce0a5b448bd09148cbcf94eb5f63908a44f66
52da9eea4523d4894f5218c4e492e11eac94d625c10e7ab2136473e26c396493
56e70443c37648d17bb54e83ae0028731328f86afb12edd626e8584718be71e0
57e236abeb62ff33b5d00573839ae546ad4f579cfd14f327cf87472e695279b6
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
5bcae56fb9334fe8446c36552a142eab9929fe2a2c91732072dd20818c9c17dc
5d881b69841cd18f3db8831bd5f0e57149fecd4064d156cb1d3f982626903d60
5eff7005425c542db2290b5ccdf4e0a65c4219273a665ce0425264274e536ea6
625e266d5e517f15a1973b9d7f06ccdba9a8726e46a17801d4424b3efce98cd6
69d9ac5984ab481e3a40b4b75c330920e56aa12c8d37bfaccc4ab6cedcdda50f
6d35a7ee5aac9714da95d1a4f632cdb97d560a5ecf5e3908a1d229bc8c1057c0
731c3411d0f309309a97628ba465af31050e0866d07e116f7ea5a1c35e9b99c5
734e0e4308c5fbb5999269d165b1a54cdaead6e156cf8e7b07692a15dd70bdb1
74a76e5980403a11a657d3ad5f43ea97fae94b8d1cdec9886eb23bdbc645dbe1
78ffd9f0246c62c5eb5c262ca1bb2d09797c85c7bac3ed6f92d416efab022c8a
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
810b7f307183d73fdbe7b5e899cd25137a4f2e16d6e9a02fe22a91f22abdd7bc
84f796be2fbef3583823bc3bae446c8ce5aa1e5b407d74cc021c22137a9ba859
8538b1993b3e409b97eb358a67ea08e9b2bb9b3f645a182a38badefce054530b
88d6e605b6b3818e1a94568e003b57d0b725c0e420abefddab00384c84b3bdcc
8a346698d1fe701441863c329bf5132a5536faeaa68ccd7751931726ad04b329
8b6965a87cf7118c3c59e80a39eb18dfead63c4a4b8e0a1e0134f5842cd4d8cc
8e1c63600bf52ac2101c85ecdef6f843d1d593f6c097f32591fcfea496ec4073
92335a8a579ab20778ad116b2e403ac436989b7c6b760bd9e906d451483ddb24
9de56ba22416192d18869051fdaa33876a9b6b3c7ed326abc7c8cc8503027797
a07ed6c92587063c8a3f828c58ed8076071418ca3181e9f67817c8d5041b0c47
a2ea232bb2f4cf7d88071aea08c659f762ee01d0e0a1ed845db965d470d47396
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
abf9bfd998405a38e5f5f61e533e4de1298162efc4409b1f161ea04e5901c366
b15de36af5d8f15fbcec15399552be03a05cab1c61543b0232e7e2342e76494c
ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb
bdaf47b5db2c6b13b97a28df68b67180dc0fcda656776ae345b264c2183b9ef2
bf9cdad83deb13c8f283b10b732e4fd4f4908c0f2d8ac7fc2ed4685356e24c54
bfbf77facc0b33343150d420aa0f7e582e1657070c51895cdec89299922d96cc
c0490c9f4319975e560b0407a8b2e3e7fc57504b6a08cec61818fe69858ff41c
c0511e29e2d9e3aa83ab107e55b5e3c2ca9c90c04027a2f551fca1d403fd9cd6
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d4be4824499330afdd7139a22d7ad59bd2146bc17565e9ac961461388245b0dc
d8e3783dafaec68331904ad2dcec69ba0e18c55290155020a063afe70938220a
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d9a3430e17d6238991948c22e59a4119ac308daa84be92fec24814748bd51461
ddb96c25de07962ffbc0243e6e68177ce74aee9fd950cb4f5d8d3c8e6c524a09
e3715d1fe227e6550c249faf6362adb08c08898bc88db2192ea12b39b8be0974
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e970bdd269198fc1bf6183c389d2d299cf05c1e7b2076cee4fcf6ba7ac01be02
ea7fb526203a7e6eed35cc2fcdc98c76cb136dba25b23fae9e5fab3588877596
ed15bbf4c911176993b47242f02fa0a03836b69685068e527c3bd74297fb4588
f5f36977e96a38963c796982ed3915e49673ba0b63f3d51031a1500c1f0907bd
f9d8e58b6cdcdf7831511b8a69c82bc6b71c335ade7b7efa21b634e08cf9789d
fcaa3762c060a5d51954912a6c53e6ad9a7822f994ce9af6c1edc4f256c9f046
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org 104.243.38.18 Public Scan Open in urlscan Pro

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

139 Requests

89 %HTTPS

66 %IPv6

29 Domains

33 Subdomains

30 IPs

5 Countries

1527 kBTransfer

8576 kBSize

3 Cookies

1 Outgoing links

Redirected requests

139 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

gofuspcm.rzppjwng.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
104.243.38.18 Public Scan Open in urlscan Pro

Screenshot
Live screenshot

Full Image

139
Requests

89 %
HTTPS

66 %
IPv6

29
Domains

33
Subdomains

30
IPs

5
Countries

1527 kB
Transfer

8576 kB
Size

3
Cookies

139 HTTP transactions
0 data transactions