mlx.su Open in urlscan Pro
104.21.55.108  Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request 3b86e821 Show response mlx.su/paste/view/	46 KB 11 KB	1413ms 412ms	Document text/html	104.21.55.108 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mlx.su/paste/view/3b86e821 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.55.108 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b2893b5a107d070292dd66137935cf841e7f2909e20ba4b2e40e550ff10ddc5e Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cache-control cf-cache-status DYNAMIC cf-ray 98a38f9b7bfdfe0b-SIN content-encoding zstd content-type text/html; charset=UTF-8 date Mon, 06 Oct 2025 07:49:14 GMT expires Mon, 29 Sep 2025 07:49:14 GMT nel {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} pragma report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=nxKKm6IYsvarGVTM2UFzBjXr8rVE%2BrGgXyuz9p31VdoijMxEqJvN04968%2FUgrXXotq%2BDIDiDYq8vKgFxQdpJt7ZtUll76Q%3D%3D"}]} server cloudflare server-timing cfCacheStatus;desc="DYNAMIC" cfEdge;dur=8,cfOrigin;dur=292 vary Accept-Encoding
GET H2	200	js Show response www.googletagmanager.com/gtag/	357 KB 127 KB	925ms 394ms	Script application/javascript	172.217.175.232 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-XSN8X7N395 Requested by Host: mlx.su URL: https://mlx.su/paste/view/3b86e821 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.175.232 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt12s29-in-f8.1e100.net Software Google Tag Manager / Resource Hash ef03328a2894a5dcc8c88ff6c16013a41722ba3970784566610cda8be84e8a69 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://mlx.su/ Response headers strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 content-encoding zstd cross-origin-resource-policy cross-origin access-control-allow-credentials true expires Mon, 06 Oct 2025 07:49:15 GMT access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 129920 date Mon, 06 Oct 2025 07:49:15 GMT x-xss-protection 0 content-type application/javascript; charset=UTF-8 vary Accept-Encoding server Google Tag Manager access-control-allow-headers Cache-Control
GET H2	200	richads-ob.js Show response richinfo.co/richpartners/in-page/js/	68 KB 25 KB	1028ms 401ms	Script application/x-javascript	109.200.199.110 i3Dnet i3D.net B.V
General Check archive.org Show headers Download Go to Full URL https://richinfo.co/richpartners/in-page/js/richads-ob.js?pubid=972747&siteid=362980 Requested by Host: mlx.su URL: https://mlx.su/paste/view/3b86e821 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 109.200.199.110 Settimo Milanese, Italy, ASN49544 (i3Dnet i3D.net B.V, NL), Reverse DNS Software openresty/1.21.4.1 / Resource Hash a3c16789981b4d2b6d56e5df945e814a4a9d75e7994f8e47e9947f243cdbc012 Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://mlx.su/ Response headers x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED content-encoding gzip etag W/"d6d62ab56debb0cf7b827038d51e8628" x-amz-version-id 2JYhTQnxLtp5Nl842qLgmFfpvBr0J37V x-amz-request-id TNRXDTMR2C4VEW6W date Mon, 06 Oct 2025 07:49:15 GMT content-type application/x-javascript last-modified Fri, 26 Sep 2025 13:47:45 GMT server openresty/1.21.4.1 x-amz-id-2 MILwRqrdrCjQViyFO8OcBAHPzl5LOMqdR0zouURcdZQJNU+ZbL37LzPLVIoPVVXBCCIXdm21bDQ=
GET H2	200	168110833636dc087932d2200f08c0554a95fa8fec.css mlx.su/paste/static/asset/	100 KB 18 KB	118ms 111ms	Stylesheet text/css	104.21.55.108 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mlx.su/paste/static/asset/168110833636dc087932d2200f08c0554a95fa8fec.css Requested by Host: mlx.su URL: https://mlx.su/paste/view/3b86e821 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.55.108 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5d9e018de8f460789f8e0fbf454d12f0ca2857bcbbe57dc1ab3a6bb5ea044471 Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://mlx.su/paste/view/3b86e821 Response headers cache-control max-age=259200 nel {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} content-encoding gzip cf-cache-status HIT etag W/"6433bcf5-190a2" age 14158 report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=m3pvroYE%2FZpszPEVLrbcJxlnBEjN7kuDU4rvj%2Bcif%2B9xR1UmI6OoEkvm%2FYMZpDXix709I20twVqG2rfIby9LSxl%2Bqa7BDQ%3D%3D"}]} cf-ray 98a38f9e39ddfe0b-SIN expires Thu, 09 Oct 2025 03:48:45 GMT alt-svc h3=":443"; ma=86400 date Mon, 06 Oct 2025 07:49:14 GMT content-type text/css last-modified Mon, 10 Apr 2023 07:38:29 GMT server cloudflare vary Accept-Encoding
GET H2	200	3b86e821 mlx.su/paste/view/qr/	380 B 641 B	472ms 467ms	Image image/png	104.21.55.108 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mlx.su/paste/view/qr/3b86e821 Requested by Host: mlx.su URL: https://mlx.su/paste/view/3b86e821 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.55.108 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ccc228679120143f21eac0487a099ede9eedb914562d1a3893f9c98d1a334f55 Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://mlx.su/paste/view/3b86e821 Response headers cache-control nel {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} cf-cache-status DYNAMIC pragma report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=0ut7cbHoY3KGs33S94swvbihQrlJMhCMG%2BzOPqBreI39sLXP4ofFxRUSG7YxI%2B7Gz4%2B0p472lBt4osJRX%2FVen4vxpJeZ2w%3D%3D"}]} cf-ray 98a38f9e39e0fe0b-SIN expires Tue, 06 Oct 2026 07:49:14 GMT alt-svc h3=":443"; ma=86400 date Mon, 06 Oct 2025 07:49:14 GMT content-type image/png server cloudflare
GET H3	200	api.js Show response www.google.com/recaptcha/	2 KB 1 KB	702ms 235ms	Script text/javascript	142.250.76.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js Requested by Host: mlx.su URL: https://mlx.su/paste/view/3b86e821 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.76.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS kix07s06-in-f4.1e100.net Software ESF / Resource Hash 5ef4c3db7c560d795cb8bab42627b64a52e436ff47cd0fc6b45cae61fb50ac0f Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://mlx.su/ Response headers cache-control private, max-age=300 content-encoding gzip cross-origin-resource-policy cross-origin report-to {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]} x-content-type-options nosniff expires Mon, 06 Oct 2025 07:49:15 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cross-origin-opener-policy-report-only same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d" date Mon, 06 Oct 2025 07:49:15 GMT x-xss-protection 0 content-type text/javascript; charset=utf-8 server ESF x-frame-options SAMEORIGIN
GET H3	200	168110833790a3218725fd31ca20064f5204d6a59d.js Show response mlx.su/paste/static/asset/	267 KB 87 KB	133ms 131ms	Script application/javascript	104.21.55.108 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mlx.su/paste/static/asset/168110833790a3218725fd31ca20064f5204d6a59d.js Requested by Host: mlx.su URL: https://mlx.su/paste/view/3b86e821 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.55.108 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3a53bed056cf837e2a686743d9c4f9983e69b9f3399ea140a35c14c278ce4c7b Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://mlx.su/paste/view/3b86e821 Response headers cache-control max-age=259200 nel {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} content-encoding gzip cf-cache-status HIT etag "6433bcfb-42d6d" age 94422 report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=N2dIJiJnRsLgxb09bdmuPjY6uEGOijUhJsBUUW0pXA7VXe5maC0pldb4W82jQn6%2FE2jtxnzX7V8kbzHaKYO3ee8%2B8eVYTA%3D%3D"}]} cf-ray 98a38f9faf336bca-SIN expires Tue, 07 Oct 2025 15:59:14 GMT alt-svc h3=":443"; ma=86400 date Mon, 06 Oct 2025 07:49:14 GMT content-type application/javascript last-modified Mon, 10 Apr 2023 07:38:35 GMT server cloudflare vary Accept-Encoding
GET H2	200	vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response static.cloudflareinsights.com/beacon.min.js/	19 KB 7 KB	644ms 321ms	Script text/javascript	104.16.80.73 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 Requested by Host: mlx.su URL: https://mlx.su/paste/view/3b86e821 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.80.73 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Origin https://mlx.su Referer https://mlx.su/ Response headers cache-control public, max-age=86400 content-encoding gzip etag W/"2024.6.1" cross-origin-resource-policy cross-origin cf-ray 98a38fa27bebfde4-SIN access-control-allow-origin * date Mon, 06 Oct 2025 07:49:15 GMT content-type text/javascript;charset=UTF-8 last-modified Thu, 06 Jun 2024 15:52:56 GMT vary Accept-Encoding server cloudflare
GET H2	200	recaptcha__zh_tw.js Show response www.gstatic.com/recaptcha/releases/Jv8jlA-BQE5JD6rA-h_iqNH2/	801 KB 346 KB	798ms 273ms	Script text/javascript	142.250.199.99 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/Jv8jlA-BQE5JD6rA-h_iqNH2/recaptcha__zh_tw.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.199.99 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt13s52-in-f3.1e100.net Software sffe / Resource Hash 35d534ecd4fc39622c2fd6beceeb3f0e75f4edf4552916d3ba38cef1ddb69bb9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Origin https://mlx.su Referer https://mlx.su/ Response headers content-encoding gzip age 313659 report-to {"group":"recaptcha-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha-scs"}]} x-content-type-options nosniff expires Fri, 02 Oct 2026 16:41:36 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 02 Oct 2025 16:41:36 GMT last-modified Mon, 29 Sep 2025 12:04:53 GMT content-type text/javascript vary Accept-Encoding cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha-scs" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs accept-ranges bytes access-control-allow-origin * content-length 353309 x-xss-protection 0 server sffe
GET H3	200	glyphicons-halflings-white.png mlx.su/paste/themes/bootstrap/images/	9 KB 9 KB	112ms 112ms	Image image/png	104.21.55.108 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mlx.su/paste/themes/bootstrap/images/glyphicons-halflings-white.png Requested by Host: mlx.su URL: https://mlx.su/paste/static/asset/168110833636dc087932d2200f08c0554a95fa8fec.css Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.55.108 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f0e0d95a9c8abcdfabf46348e2d4285829bb0491f5f6af0e05af52bffb6324c4 Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://mlx.su/paste/static/asset/168110833636dc087932d2200f08c0554a95fa8fec.css Response headers cf-cache-status HIT etag "6433ad70-2249" age 136231 report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=aHtHVGp0C3FFIK7jwLY7zvls6D7upE26VFlboTpBKYJp9x5Wvne4DI%2BF780asuCqIWiy%2B5ot7aHtcGWWkHBWDhSt8mS1rw%3D%3D"}]} expires Mon, 06 Oct 2025 15:12:24 GMT alt-svc h3=":443"; ma=86400 date Mon, 06 Oct 2025 07:49:15 GMT content-type image/png last-modified Mon, 10 Apr 2023 06:32:16 GMT vary accept-encoding cache-control max-age=259200 nel {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} cf-ray 98a38fa30f596bca-SIN accept-ranges bytes content-length 8777 server cloudflare
GET H3	200	text Show response mlx.su/paste/main/get_cm_js/	0 556 B	345ms 345ms	XHR text/html	104.21.55.108 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mlx.su/paste/main/get_cm_js/text?_=1759736955585 Requested by Host: mlx.su URL: https://mlx.su/paste/static/asset/168110833790a3218725fd31ca20064f5204d6a59d.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.55.108 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://mlx.su/paste/view/3b86e821 X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01 Response headers cache-control no-store, no-cache, must-revalidate nel {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} content-encoding zstd cf-cache-status DYNAMIC pragma no-cache report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=sDHzRhvqcwdf5kmKUHm0a%2BSEXUX9u18lbxWruD0ou4hyz%2BOpE8Oj5soJGQr6yCcmyWj0ZelkHoogbmV6ZSEoezjXbmda2g%3D%3D"}]} cf-ray 98a38fa4df7a6bca-SIN expires Thu, 19 Nov 1981 08:52:00 GMT alt-svc h3=":443"; ma=86400 date Mon, 06 Oct 2025 07:49:15 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding server cloudflare
GET H2	200	in-page.css 7ool.net/richpartners/in-page/js/	2 KB 1 KB	1608ms 647ms	Stylesheet text/css	31.204.132.208 i3Dnet i3D.net B.V
General Check archive.org Show headers Download Go to Full URL https://7ool.net/richpartners/in-page/js/in-page.css Requested by Host: richinfo.co URL: https://richinfo.co/richpartners/in-page/js/richads-ob.js?pubid=972747&siteid=362980 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 31.204.132.208 Atlanta, United States, ASN49544 (i3Dnet i3D.net B.V, NL), Reverse DNS Software openresty/1.21.4.1 / Resource Hash c32db7b04d099a77cec006a811b99040d697726093aa780db55f23ec67882282 Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://mlx.su/ Response headers x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED content-encoding gzip etag W/"7b98c1051df4fae82026de8cec85b36f" x-amz-version-id uV0eVBkhklPdLcq9rdPzUdryya1biujq x-amz-request-id F8TENVNEDCN0843R date Mon, 06 Oct 2025 07:49:17 GMT content-type text/css last-modified Fri, 26 Sep 2025 13:47:45 GMT server openresty/1.21.4.1 x-amz-id-2 kZbWnLyGfmPDQyytBmwZtR1NL095kFRXUGzWpqJj+DRm0kqpXfGe6+H0nGb078etdeKWLlvipfI=
GET H2	200	in-page-ob.js Show response 7ool.net/richpartners/in-page/js/	52 KB 19 KB	2154ms 1196ms	Script application/x-javascript	31.204.132.208 i3Dnet i3D.net B.V
General Check archive.org Show headers Download Go to Full URL https://7ool.net/richpartners/in-page/js/in-page-ob.js Requested by Host: richinfo.co URL: https://richinfo.co/richpartners/in-page/js/richads-ob.js?pubid=972747&siteid=362980 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 31.204.132.208 Atlanta, United States, ASN49544 (i3Dnet i3D.net B.V, NL), Reverse DNS Software openresty/1.21.4.1 / Resource Hash 9d5c30673aadd8731fb70c9f0e55c36599877cfbafad2eee0663b9ad9a70951f Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://mlx.su/ Response headers x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED content-encoding gzip etag W/"fcceeed4d141f3fccd9455f2bcc675c2" x-amz-version-id 1e5GVGb_g_MuplvyFn9V5UIUD.yC4sLa x-amz-request-id F8TCGQE26P8MMQZG date Mon, 06 Oct 2025 07:49:17 GMT content-type application/x-javascript last-modified Fri, 26 Sep 2025 13:47:45 GMT server openresty/1.21.4.1 x-amz-id-2 ngVaPCy7Ac5TL6NkUQIvcoXqbrN0nz9ZNj11mbE8pbKVh/6KJ8fRzA53uS0ZUEesNDMYHyIc+fDF/Uaks8UFTqDOa8qFKx3v
POST H2	204	collect analytics.google.com/g/	0 0	530ms 207ms	Fetch text/plain	216.239.36.181 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-XSN8X7N395&gtm=45je5a11v9108914121za200zd9108914121&_p=1759736954557&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&cid=1689465965.1759736956&ul=zh-tw&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&tag_exp=101509157~103116026~103200004~103233427~104527907~104528501~104684208~104684211~104948813~115480710~115616985~115834636~115834638&sid=1759736955&sct=1&seg=0&dl=https%3A%2F%2Fmlx.su%2Fpaste%2Fview%2F3b86e821&dt=Registered%20Agent%20Services%3A%20The%20Unsung%20Champion%20in%20-%20MLX%20Paste&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2722 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-XSN8X7N395 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.239.36.181 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://mlx.su/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:158:0 report-to {"group":"ascnsrsggc:158:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:158:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://mlx.su cross-origin-opener-policy-report-only same-origin; report-to=ascnsrsggc:158:0 content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 06 Oct 2025 07:49:16 GMT content-type text/plain server Golfe2
POST H2	204	collect stats.g.doubleclick.net/g/	0 551 B	688ms 259ms	Ping text/plain	173.194.174.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-XSN8X7N395&cid=1689465965.1759736956&gtm=45je5a11v9108914121za200zd9108914121&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101509157~103116026~103200004~103233427~104527907~104528501~104684208~104684211~104948813~115480710~115616985~115834636~115834638 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-XSN8X7N395 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 173.194.174.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS td-in-f155.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://mlx.su/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:127:0 report-to {"group":"ascnsrsggc:127:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:127:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://mlx.su cross-origin-opener-policy-report-only same-origin; report-to=ascnsrsggc:127:0 content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 06 Oct 2025 07:49:16 GMT content-type text/plain server Golfe2
GET H2	200	ga-audiences www.google.com.tw/ads/	42 B 408 B	924ms 388ms	Image image/gif	142.250.196.99 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com.tw/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-XSN8X7N395&cid=1689465965.1759736956&gtm=45je5a11v9108914121za200zd9108914121&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101509157~103116026~103200004~103233427~104527907~104528501~104684208~104684211~104948813~115480710~115616985~115834636~115834638&tag_exp=101509157~103116026~103200004~103233427~104527907~104528501~104684208~104684211~104948813~115480710~115616985~115834636~115834638&z=1122835325 Requested by Host: mlx.su URL: https://mlx.su/paste/view/3b86e821 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.196.99 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt12s35-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://mlx.su/ Response headers cache-control no-cache, no-store, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Mon, 06 Oct 2025 07:49:17 GMT x-xss-protection 0 content-type image/gif server cafe
GET H3	200	anchor Show response www.google.com/recaptcha/api2/ Frame 7DF3	76 KB 44 KB	501ms 269ms	Document text/html	142.250.76.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfMmQ8UAAAAAAKtB73g5iI8h6ubkRTUoSrsUUCE&co=aHR0cHM6Ly9tbHguc3U6NDQz&hl=zh-TW&v=Jv8jlA-BQE5JD6rA-h_iqNH2&size=normal&anchor-ms=20000&execute-ms=15000&cb=psxnsw4a1skh Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/Jv8jlA-BQE5JD6rA-h_iqNH2/recaptcha__zh_tw.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.76.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS kix07s06-in-f4.1e100.net Software ESF / Resource Hash 63f09a7865fca0b931d038681b22ea4bbac59eaf933b72aaaecbbaa465f36123 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-MNLRd-r16JYdKjE_SN_8lQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://mlx.su/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-MNLRd-r16JYdKjE_SN_8lQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy-report-only same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d" cross-origin-resource-policy cross-origin date Mon, 06 Oct 2025 07:49:17 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]} server ESF x-content-type-options nosniff x-xss-protection 0
GET H2	200	styles__ltr.css www.gstatic.com/recaptcha/releases/Jv8jlA-BQE5JD6rA-h_iqNH2/ Frame 7DF3	81 KB 42 KB	800ms 277ms	Stylesheet text/css	142.250.199.99 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/Jv8jlA-BQE5JD6rA-h_iqNH2/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfMmQ8UAAAAAAKtB73g5iI8h6ubkRTUoSrsUUCE&co=aHR0cHM6Ly9tbHguc3U6NDQz&hl=zh-TW&v=Jv8jlA-BQE5JD6rA-h_iqNH2&size=normal&anchor-ms=20000&execute-ms=15000&cb=psxnsw4a1skh Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.199.99 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt13s52-in-f3.1e100.net Software sffe / Resource Hash 662adc43814a4e800c73cc57c6cabd06482cf9c07000621d276c205d23dbeed3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.google.com/ Response headers content-encoding gzip age 25605 report-to {"group":"recaptcha-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha-scs"}]} x-content-type-options nosniff expires Tue, 06 Oct 2026 00:42:32 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 06 Oct 2025 00:42:32 GMT last-modified Mon, 29 Sep 2025 12:04:53 GMT content-type text/css vary Accept-Encoding cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha-scs" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs accept-ranges bytes content-length 42483 x-xss-protection 0 server sffe
GET H2	200	recaptcha__zh_tw.js Show response www.gstatic.com/recaptcha/releases/Jv8jlA-BQE5JD6rA-h_iqNH2/ Frame 7DF3	801 KB 345 KB	1005ms 484ms	Script text/javascript	142.250.199.99 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/Jv8jlA-BQE5JD6rA-h_iqNH2/recaptcha__zh_tw.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfMmQ8UAAAAAAKtB73g5iI8h6ubkRTUoSrsUUCE&co=aHR0cHM6Ly9tbHguc3U6NDQz&hl=zh-TW&v=Jv8jlA-BQE5JD6rA-h_iqNH2&size=normal&anchor-ms=20000&execute-ms=15000&cb=psxnsw4a1skh Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.199.99 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt13s52-in-f3.1e100.net Software sffe / Resource Hash 35d534ecd4fc39622c2fd6beceeb3f0e75f4edf4552916d3ba38cef1ddb69bb9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.google.com/ Response headers content-encoding gzip age 313662 report-to {"group":"recaptcha-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha-scs"}]} x-content-type-options nosniff expires Fri, 02 Oct 2026 16:41:36 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 02 Oct 2025 16:41:36 GMT last-modified Mon, 29 Sep 2025 12:04:53 GMT content-type text/javascript vary Accept-Encoding cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha-scs" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs accept-ranges bytes access-control-allow-origin * content-length 353309 x-xss-protection 0 server sffe
GET H2	200	info Show response eu.convers.link/users/	211 B 294 B	2190ms 926ms	Script application/json	5.200.15.240 i3Dnet i3D.net B.V
General Check archive.org Show headers Download Go to Full URL https://eu.convers.link/users/info?callback=userinfo_rp_ip Requested by Host: richinfo.co URL: https://richinfo.co/richpartners/in-page/js/richads-ob.js?pubid=972747&siteid=362980 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.200.15.240 Rotterdam, Netherlands, ASN49544 (i3Dnet i3D.net B.V, NL), Reverse DNS Software openresty/1.21.4.1 / Resource Hash 983b7bed1f8a9059bc1fa2510cf057182e5c242ef6fe6b25f0b709bba9e634ff Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://mlx.su/ Response headers content-encoding gzip date Mon, 06 Oct 2025 07:49:20 GMT content-type application/json; charset=UTF-8 server openresty/1.21.4.1
GET DATA	200 OK	truncated / Frame 7DF3	31 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e583a64737d75ef361495f197e5bbe163b2abdd6dc9741daef954572f2b1dba8 Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 7DF3	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 695685c0a7142eaad299469688415084bb3e6d16fd115de37f5a5bfa41778a38 Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer Response headers Content-Type image/png
GET H2	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame 7DF3	2 KB 2 KB	191ms 190ms	Image image/png	142.250.199.99 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/Jv8jlA-BQE5JD6rA-h_iqNH2/styles__ltr.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.199.99 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt13s52-in-f3.1e100.net Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gstatic.com/recaptcha/releases/Jv8jlA-BQE5JD6rA-h_iqNH2/styles__ltr.css Response headers age 313627 report-to {"group":"recaptcha-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha-scs"}]} x-content-type-options nosniff expires Thu, 09 Oct 2025 16:42:11 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 02 Oct 2025 16:42:11 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT content-type image/png cache-control public, max-age=604800 cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha-scs" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs accept-ranges bytes content-length 2228 x-xss-protection 0 server sffe
GET		webworker.js www.google.com/recaptcha/api2/ Frame 7DF3	0 0
GET H3	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 7DF3	15 KB 15 KB	445ms 204ms	Font font/woff2	142.251.42.163 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfMmQ8UAAAAAAKtB73g5iI8h6ubkRTUoSrsUUCE&co=aHR0cHM6Ly9tbHguc3U6NDQz&hl=zh-TW&v=Jv8jlA-BQE5JD6rA-h_iqNH2&size=normal&anchor-ms=20000&execute-ms=15000&cb=psxnsw4a1skh Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.42.163 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt12s46-in-f3.1e100.net Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Origin https://www.google.com Referer https://www.google.com/ Response headers age 313710 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Fri, 02 Oct 2026 16:40:48 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 02 Oct 2025 16:40:48 GMT last-modified Mon, 16 Oct 2017 17:32:55 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 15344 x-xss-protection 0 server sffe
GET H3	200	bframe Show response www.google.com/recaptcha/api2/ Frame 0127	7 KB 1 KB	233ms 233ms	Document text/html	142.250.76.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/bframe?hl=zh-TW&v=Jv8jlA-BQE5JD6rA-h_iqNH2&k=6LfMmQ8UAAAAAAKtB73g5iI8h6ubkRTUoSrsUUCE&bft=0dAFcWeA4UaFYOaJjKdhiNS4uwhtu9eGvnyaH-t1MJifGA7GAG9bXlS0ZySTf2mWgCT8Mx51I3r_Mh-GjpCZ-Tk3uK9-6L7Exirw Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/Jv8jlA-BQE5JD6rA-h_iqNH2/recaptcha__zh_tw.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.76.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS kix07s06-in-f4.1e100.net Software ESF / Resource Hash bbea10c7d4a094d14670b32dabacee4dc8439ef4d16c7a7cdf3b8b585a75e9f4 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-8aDOtHKJ2tvpf4WojEXDRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://mlx.su/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-8aDOtHKJ2tvpf4WojEXDRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy-report-only same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d" cross-origin-resource-policy cross-origin date Mon, 06 Oct 2025 07:49:19 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]} server ESF x-content-type-options nosniff x-xss-protection 0
GET H2	200	styles__ltr.css www.gstatic.com/recaptcha/releases/Jv8jlA-BQE5JD6rA-h_iqNH2/ Frame 0127	81 KB 0	800ms 277ms	Stylesheet text/css	142.250.199.99 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/Jv8jlA-BQE5JD6rA-h_iqNH2/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/bframe?hl=zh-TW&v=Jv8jlA-BQE5JD6rA-h_iqNH2&k=6LfMmQ8UAAAAAAKtB73g5iI8h6ubkRTUoSrsUUCE&bft=0dAFcWeA4UaFYOaJjKdhiNS4uwhtu9eGvnyaH-t1MJifGA7GAG9bXlS0ZySTf2mWgCT8Mx51I3r_Mh-GjpCZ-Tk3uK9-6L7Exirw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.199.99 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt13s52-in-f3.1e100.net Software sffe / Resource Hash 662adc43814a4e800c73cc57c6cabd06482cf9c07000621d276c205d23dbeed3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.google.com/ Response headers content-encoding gzip age 25605 report-to {"group":"recaptcha-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha-scs"}]} x-content-type-options nosniff expires Tue, 06 Oct 2026 00:42:32 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 06 Oct 2025 00:42:32 GMT last-modified Mon, 29 Sep 2025 12:04:53 GMT content-type text/css vary Accept-Encoding cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha-scs" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs accept-ranges bytes content-length 42483 x-xss-protection 0 server sffe
GET H2	200	recaptcha__zh_tw.js Show response www.gstatic.com/recaptcha/releases/Jv8jlA-BQE5JD6rA-h_iqNH2/ Frame 0127	801 KB 0	1005ms 484ms	Script text/javascript	142.250.199.99 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/Jv8jlA-BQE5JD6rA-h_iqNH2/recaptcha__zh_tw.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/bframe?hl=zh-TW&v=Jv8jlA-BQE5JD6rA-h_iqNH2&k=6LfMmQ8UAAAAAAKtB73g5iI8h6ubkRTUoSrsUUCE&bft=0dAFcWeA4UaFYOaJjKdhiNS4uwhtu9eGvnyaH-t1MJifGA7GAG9bXlS0ZySTf2mWgCT8Mx51I3r_Mh-GjpCZ-Tk3uK9-6L7Exirw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.199.99 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt13s52-in-f3.1e100.net Software sffe / Resource Hash 35d534ecd4fc39622c2fd6beceeb3f0e75f4edf4552916d3ba38cef1ddb69bb9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.google.com/ Response headers content-encoding gzip age 313662 report-to {"group":"recaptcha-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha-scs"}]} x-content-type-options nosniff expires Fri, 02 Oct 2026 16:41:36 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 02 Oct 2025 16:41:36 GMT last-modified Mon, 29 Sep 2025 12:04:53 GMT content-type text/javascript vary Accept-Encoding cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha-scs" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs accept-ranges bytes access-control-allow-origin * content-length 353309 x-xss-protection 0 server sffe
GET H3	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 0127	15 KB 0	445ms 204ms	Font font/woff2	142.251.42.163 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/bframe?hl=zh-TW&v=Jv8jlA-BQE5JD6rA-h_iqNH2&k=6LfMmQ8UAAAAAAKtB73g5iI8h6ubkRTUoSrsUUCE&bft=0dAFcWeA4UaFYOaJjKdhiNS4uwhtu9eGvnyaH-t1MJifGA7GAG9bXlS0ZySTf2mWgCT8Mx51I3r_Mh-GjpCZ-Tk3uK9-6L7Exirw Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.42.163 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt12s46-in-f3.1e100.net Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Origin https://www.google.com Referer https://www.google.com/ Response headers age 313710 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Fri, 02 Oct 2026 16:40:48 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 02 Oct 2025 16:40:48 GMT last-modified Mon, 16 Oct 2017 17:32:55 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 15344 x-xss-protection 0 server sffe
GET		fp.js 7ool.net/richpartners/in-page/js/	0 0
POST H3	204	rum Show response mlx.su/cdn-cgi/	0 401 B	109ms 106ms	XHR text/plain	104.21.55.108 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mlx.su/cdn-cgi/rum? Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.55.108 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 content-type application/json Referer https://mlx.su/paste/view/3b86e821 Response headers access-control-max-age 86400 nel {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=b%2BC9Fp1UyXjg8idrM%2F7UPFDL43Ad15T0qqi5QAyoZR9NZ03Q%2BIvqzZwojqhzKnsjUphjOhJMCzZx%2B8jelTupmWbpKskxIA%3D%3D"}]} access-control-allow-credentials true access-control-allow-methods POST,OPTIONS cf-ray 98a38fc1d9756bca-SIN access-control-allow-origin https://mlx.su alt-svc h3=":443"; ma=86400 date Mon, 06 Oct 2025 07:49:20 GMT content-type text/plain vary Origin, accept-encoding server cloudflare
GET H3	200	favicon.ico mlx.su/paste/	3 KB 1 KB	113ms 113ms	Other image/x-icon	104.21.55.108 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mlx.su/paste/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.55.108 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c10f19a9016580d89f46e8984679eac48383bd7aa5468a224d9fa4dead31e6a7 Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://mlx.su/paste/view/3b86e821 Response headers cache-control max-age=259200 nel {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} content-encoding zstd cf-cache-status HIT etag W/"6433ad70-a7e" age 130958 report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=vtqyAakyLOoSK0oCyj8m6n2oeQpuZvJERs9dd%2FJUVW0HoP53mG3GUFGd0C97Lg8sjem92Td%2B9ukSTDF4NcIlFdcEN0jhAw%3D%3D"}]} cf-ray 98a38fc1d9766bca-SIN expires Mon, 06 Oct 2025 01:17:31 GMT alt-svc h3=":443"; ma=86400 date Mon, 06 Oct 2025 07:49:20 GMT content-type image/x-icon vary accept-encoding server cloudflare last-modified Mon, 10 Apr 2023 06:32:16 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.google.com

URL

https://www.google.com/recaptcha/api2/webworker.js?hl=zh-TW&v=Jv8jlA-BQE5JD6rA-h_iqNH2

Domain

7ool.net

URL

https://7ool.net/richpartners/in-page/js/fp.js

46 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| gtag object| dataLayer string| base_url object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| CryptoJS object| LZString function| CodeMirror object| ST function| $ function| jQuery object| FileReaderJS object| linkify object| __cfBeacon object| $embed_field string| w_href function| _0x4ca3 function| _0xd016 function| DOMReady function| userinfo_rp_ip object| google_tag_manager object| google_tag_data object| gaGlobal object| recaptcha object| closure_lm_262285 function| _0x1b8f05 function| _0x1755 function| _0x3bf1 function| process function| _0x5b9bd3 function| _0x2f82a9 function| showInPage function| clickInPage function| closePopup function| showNotifyByDelay function| isCapped function| getCookie function| setCookie function| addPopup function| getDefaultsOptions function| getTemplateInfo

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			mlx.su/	1970-01-21 08:50:23	Name: stikked Value: jgs2qoh79juoe0fqjslk63lv6tbifda1
			.mlx.su/	1970-01-21 18:24:56	Name: _ga_XSN8X7N395 Value: GS2.1.s1759736955$o1$g0$t1759736955$j60$l0$h0
			.mlx.su/	1970-01-21 18:24:56	Name: _ga Value: GA1.1.1689465965.1759736956

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
intervention	info	URL: https://www.gstatic.com/recaptcha/releases/Jv8jlA-BQE5JD6rA-h_iqNH2/recaptcha__zh_tw.js(Line 661) Message: Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7ool.net
analytics.google.com
eu.convers.link
fonts.gstatic.com
mlx.su
richinfo.co
static.cloudflareinsights.com
stats.g.doubleclick.net
www.google.com
www.google.com.tw
www.googletagmanager.com
www.gstatic.com
7ool.net
www.google.com
104.16.80.73
104.21.55.108
109.200.199.110
142.250.196.99
142.250.199.99
142.250.76.132
142.251.42.163
172.217.175.232
173.194.174.155
216.239.36.181
31.204.132.208
5.200.15.240
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
35d534ecd4fc39622c2fd6beceeb3f0e75f4edf4552916d3ba38cef1ddb69bb9
3a53bed056cf837e2a686743d9c4f9983e69b9f3399ea140a35c14c278ce4c7b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
5d9e018de8f460789f8e0fbf454d12f0ca2857bcbbe57dc1ab3a6bb5ea044471
5ef4c3db7c560d795cb8bab42627b64a52e436ff47cd0fc6b45cae61fb50ac0f
63f09a7865fca0b931d038681b22ea4bbac59eaf933b72aaaecbbaa465f36123
662adc43814a4e800c73cc57c6cabd06482cf9c07000621d276c205d23dbeed3
695685c0a7142eaad299469688415084bb3e6d16fd115de37f5a5bfa41778a38
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
983b7bed1f8a9059bc1fa2510cf057182e5c242ef6fe6b25f0b709bba9e634ff
9d5c30673aadd8731fb70c9f0e55c36599877cfbafad2eee0663b9ad9a70951f
a3c16789981b4d2b6d56e5df945e814a4a9d75e7994f8e47e9947f243cdbc012
b2893b5a107d070292dd66137935cf841e7f2909e20ba4b2e40e550ff10ddc5e
bbea10c7d4a094d14670b32dabacee4dc8439ef4d16c7a7cdf3b8b585a75e9f4
c10f19a9016580d89f46e8984679eac48383bd7aa5468a224d9fa4dead31e6a7
c32db7b04d099a77cec006a811b99040d697726093aa780db55f23ec67882282
ccc228679120143f21eac0487a099ede9eedb914562d1a3893f9c98d1a334f55
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e583a64737d75ef361495f197e5bbe163b2abdd6dc9741daef954572f2b1dba8
ef03328a2894a5dcc8c88ff6c16013a41722ba3970784566610cda8be84e8a69
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e0d95a9c8abcdfabf46348e2d4285829bb0491f5f6af0e05af52bffb6324c4